For the past decades, SS7 protocol has been our closest neighbor to support the roaming infrastructure. However, with untrusted agents exploiting this protocol and the migration to 5G, many operators are at risk of security data breaches and the inability to switch to 5G secure infrastructure fast. Especially now, when major cybersecurity organizations (ENISA) include signaling security in their 5G networks threat landscape, SS7 protocol has to come into the spotlight during the design stage.
Our live webinar, hosted by our telecom experts Federico Aureli, Technical Security Specialist, and Milan Brezina, Telecom and SMS fraud expert, reveals the trending topics in SS7 security and explains:
- Why SS7 will stay a long time even in the era of 5G
- Why mobile operators should take into account SS7 weaknesses
- What SS7 protocol real-life fraud cases exist
Follow us on LinkedIn to keep up with our upcoming webinars and events: https://www.linkedin.com/company/positive-tech
Both mobile operators and cybercriminals make heavy use of the SS7 protocol on previous-generation networks.
SS7 is old and vulnerable to attacks, yet will underpin the advanced networks of tomorrow. Learning more about SS7 is mission-critical for securing increasingly complex environments.
Watch the webinar to learn all about the ins and outs of SS7 for a smooth transition to 5G!
Our premium SS7 Security Analysis Report serves as a valuable knowledge base for cybersecurity specialists and network experts as they prepare for the security challenges of 2020. To access the report, go to: https://positive-tech.com/research/ss7-network-security-analysis-2020/
Worldwide attacks on SS7/SIGTRAN networkP1Security
Publication performed by Alexandre De Oliveira and Pierre-Olivier Vauboin during Hackito Ergo Sum 2014
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Attacks you can't combat: vulnerabilities of most robust MNOsPositiveTechnologies
In his 45-minute presentation, our expert demonstrates how an intruder can use new SS7 vulnerabilities to bypass security tools. You will find out why it is possible, how network equipment reacts to malicious traffic, and what can be done to secure telecom networks.
How to Intercept a Conversation Held on the Other Side of the PlanetPositive Hack Days
The document describes how to intercept mobile phone conversations and intercept text messages by exploiting vulnerabilities in the SS7 protocol. It explains how to collect a target's private information from the HLR like IMSI and location. It then shows how an attacker can spoof being an MSC or HLR to intercept calls and SMS, or conduct denial of service attacks by monopolizing the network's resources through endless signaling requests. The goal is to illustrate real threats to mobile network security from vulnerabilities in SS7 and inter-network connectivity.
This presentation shows the insights of the successful maintenance and development of the designed tool for the Diameter protocol, raises awareness about other security protocols, and is of service to those who find protocol vulnerabilities daunting.
A big challenge for mobile network operators in the new, ever-evolving 5G era is the signaling security of the standardized protocols used in order to exchange data. Telecommunication companies face this challenge and have to be on the verge every time there is a potential hacker attack. What is the best way to approach these striking threats and even to be ready before it occurs?
In our webinar, Positive Technologies will offer you several breakthrough strategies on how to deal with security flaws in telecom.
Our expert will show you the evolution of protocol security, share insights into the potential activities of a hacker and give useful advice about compliance with security standards.
Simjacker: how to protect your network from the latest hot vulnerabilityPositiveTechnologies
Simjacker is a vulnerability that allows hackers to exploit SMS commands to gain control of mobile devices. The document discusses:
1. The history of STK and how it allows SMS-based menus and commands to be sent to SIM cards, including sending location data and making calls.
2. How the Simjacker vulnerability works by sending SMS commands from an unauthorized number or platform to exploit the STK functionality.
3. Recommendations for networks to protect against Simjacker like prohibiting direct STK SMS messages and continually monitoring and assessing networks for vulnerabilities.
Nowadays mobile networks are the most dynamic part of critical communication infrastructures and the key instrument used to perform daily activities ranging from voice and text messaging to providing signaling for emergency services and critical infrastructure.
Both mobile operators and cybercriminals make heavy use of the SS7 protocol on previous-generation networks.
SS7 is old and vulnerable to attacks, yet will underpin the advanced networks of tomorrow. Learning more about SS7 is mission-critical for securing increasingly complex environments.
Watch the webinar to learn all about the ins and outs of SS7 for a smooth transition to 5G!
Our premium SS7 Security Analysis Report serves as a valuable knowledge base for cybersecurity specialists and network experts as they prepare for the security challenges of 2020. To access the report, go to: https://positive-tech.com/research/ss7-network-security-analysis-2020/
Worldwide attacks on SS7/SIGTRAN networkP1Security
Publication performed by Alexandre De Oliveira and Pierre-Olivier Vauboin during Hackito Ergo Sum 2014
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Attacks you can't combat: vulnerabilities of most robust MNOsPositiveTechnologies
In his 45-minute presentation, our expert demonstrates how an intruder can use new SS7 vulnerabilities to bypass security tools. You will find out why it is possible, how network equipment reacts to malicious traffic, and what can be done to secure telecom networks.
How to Intercept a Conversation Held on the Other Side of the PlanetPositive Hack Days
The document describes how to intercept mobile phone conversations and intercept text messages by exploiting vulnerabilities in the SS7 protocol. It explains how to collect a target's private information from the HLR like IMSI and location. It then shows how an attacker can spoof being an MSC or HLR to intercept calls and SMS, or conduct denial of service attacks by monopolizing the network's resources through endless signaling requests. The goal is to illustrate real threats to mobile network security from vulnerabilities in SS7 and inter-network connectivity.
This presentation shows the insights of the successful maintenance and development of the designed tool for the Diameter protocol, raises awareness about other security protocols, and is of service to those who find protocol vulnerabilities daunting.
A big challenge for mobile network operators in the new, ever-evolving 5G era is the signaling security of the standardized protocols used in order to exchange data. Telecommunication companies face this challenge and have to be on the verge every time there is a potential hacker attack. What is the best way to approach these striking threats and even to be ready before it occurs?
In our webinar, Positive Technologies will offer you several breakthrough strategies on how to deal with security flaws in telecom.
Our expert will show you the evolution of protocol security, share insights into the potential activities of a hacker and give useful advice about compliance with security standards.
Simjacker: how to protect your network from the latest hot vulnerabilityPositiveTechnologies
Simjacker is a vulnerability that allows hackers to exploit SMS commands to gain control of mobile devices. The document discusses:
1. The history of STK and how it allows SMS-based menus and commands to be sent to SIM cards, including sending location data and making calls.
2. How the Simjacker vulnerability works by sending SMS commands from an unauthorized number or platform to exploit the STK functionality.
3. Recommendations for networks to protect against Simjacker like prohibiting direct STK SMS messages and continually monitoring and assessing networks for vulnerabilities.
Nowadays mobile networks are the most dynamic part of critical communication infrastructures and the key instrument used to perform daily activities ranging from voice and text messaging to providing signaling for emergency services and critical infrastructure.
Telecom security from ss7 to all ip all-open-v3-zeronightsP1Security
Telecom security is way more than SIP-breaking some peripheral PBXs and raking a few thousands of dollars of free calls. From the formerly closed garden of SS7 to new all-IP telecom protocols such as Diameter and LTE protocols, the telecom domain faces now both the challenges of availability -one minute of downtime costs literally millions- and signaling vulnerabilities cutting down entire countries, causing massive frauds and the all new networking protocols. These new telecom protocols are rolled out in IP-centric fashion, with its myriad of standard IP security pitfalls and vulnerabilities, as well as very specific telecom vulnerabilities. The HLR is not only using TCP/IP for OAM and business workflow, but also now being named an HSS, it uses IP-only protocols such as Diameter for its Core Network signaling operations. That means that now telecom are facing new security risks both in term of exposure and threats, with its Core Network being exposed to unsophisticated IP-centered attackers, and the continuous waves of telecom-centered defrauders. In this presentation, we'll demo the new technologies of 3G and LTE networks and how to attack and defend them. We'll also show what kind of exposure one telecom companies, Mobile Network Operators and SS7 providers shows to external attackers.
Mobile operators across the globe have already started to roll out their 5G. It is here to stay and so security should be kept it mind ensuring the industry learns from the lessons of previous generous networks.
In 2020 our PT Telecom Attack Discovery (PT TAD) 5G-ready next-generation signaling firewall scored no. 1 on the security market.* Want to find out the reasons behind this accolade, then watch the record of our webinar to learn about an effective approach towards signaling security in the era of 5G.
During the live session Positive Technologies’ experts - Kirill Puzankov, Product Manager and Jimmy Jones, security telecoms expert:
explained how to implement security for Core networks quickly, efficiently and with fewer efforts
showed a demo on how telecom operators could withstand an attack or malicious actions using our next-generation Telecom Attack Discovery signaling Firewall
provided statistics and key trends in signaling security.
* According to ROCCO Signalling Firewall Vendor Performance Report 2020. https://positive-tech.com/research/rocco-report-2020/
Follow us on LinkedIn to keep up with our upcoming webinars and events: https://www.linkedin.com/company/positive-tech/
Dmitry Kurbatov is the CTO of Positive Technologies, a cybersecurity company. He began his career as a network engineer in 2007 before switching to security in 2009. In his presentation, he discusses security issues for 5G and IoT networks. He notes that the virtualized and programmable nature of 5G introduces new vulnerabilities, and that legacy threats to previous cellular standards still apply. Additionally, the massive number of connected IoT devices poses new threats like large-scale botnets. He concludes by providing guidelines for 5G security, including implementing policies separately for each network slice and securing new interfaces from the start.
Telecom incidents investigation: daily work behind the scenesPositiveTechnologies
Telecom providers build, operate, and manage integrated voice and data networks, transmitting and storing vast amounts of sensitive data. With 5G bringing eMBB and expanding the service portfolio of businesses, this volume is set to see a manifold increase, making them a golden goose for hackers.
Active work on the cyberattack prevention side is an absolute must for operators, and threat intelligence is one of the important pillars of robust security.
In this webinar we have an interactive discussion of the most common weaknesses and threats in 4G and 5G networks, plus:
How to implement a smart «risk-driven» approach to security
How to detect traces of cybercrime in signaling networks and prevent suspicious activities in telecom networks
How to make your SOC telecom-oriented
CSIRT and CERT: when it’s time to bring in outside expertise
Philippe Langlois - LTE Pwnage - P1securityP1Security
Today, we’re entering the realm of LTE super high speed always-on connectivity and with that comes the victory of TCP/IP in front of the old ITU/3GPP protocols. And with this comes many side effects: software gets standardized, everything runs on top of ATCA (Advanced Telecom Computing Architecture) hardware running mostly Linux -give or take 6 or 8 proprietary FPGA-based sister cards, TFTP-booted with decade old VxWorks that routinely show hardcoded DES credentials and funny “behaviour”. Easily 20 GB of fat C++ binaries, some for x86, PPC, MIPS, some with up to 200 Mbytes file sizes for one single EXE! It’s called a vulnerability research and reverse engineering paradise… or hell.
All the protocols now run on top of IP, which ends up having 12 layers thanks to encapsulation and still the weight of legacy in bugs quantity and diversity. We’ll see how the porting of SS7 MAP on top of IP (SIGTRAN, Diameter) has given rise to funny Denial of Service (DoS) attacks against telecom core elements (DSR, STP), with trashy-crashy anti-forensics consequences for DPI and tracking (Hey @grugq!!).
We’ll look into specific vulnerabilities, and talk about the very particular way that Network Equipment Vendors deal with security in the telecom domain.
We will demo a virtualized Huawei HSS from our testbed and show some of the vulnerabilities and attacks directly on the equipment itself. We will finally talk about telco equipment and product security reviews and the fallacy of (some) certification and (many) standardization attempts. We will then see how to conduct a practical and fast telecom product security life cycle with automation and open source tools.
Presented by Pierre-Olivier Vauboin & Alexandre De Oliveira at Hackito Ergo Sum 2014
http://2014.hackitoergosum.org/
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Mobile signaling threats and vulnerabilities - real cases and statistics from...DefCamp
Kirill Puzankov in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
User location tracking attacks for LTE networks using the Interworking Functi...Siddharth Rao
This document discusses how location tracking attacks can be carried out in LTE networks using the Interworking Functionality (IWF). It summarizes that while LTE offers good security on the air interface, the Diameter protocol is as insecure as SS7 when it comes to location disclosure attacks. The document shows how SS7 attacks can be ported to LTE/Diameter networks using IWFs, allowing an attacker to obtain a victim's IMSI and track their location down to the cell ID level. It concludes by recommending countermeasures like adhering to security standards and efficient filtering to prevent such IWF-based location tracking attacks.
Telecom under attack: demo of fraud scenarios and countermeasuresPositiveTechnologies
Telecom fraud is booming at an alarming rate worldwide to become a major source of revenue loss for mobile operators. According to the CFSA, mobile operators lost $28 billion to fraud in 2019. SIM swapping has again become a hot-button topic in the telecom industry. This worrying trend is provoking disputes between banks and telecoms and causing harm all around.
Our security experts Sergey Puzankov and Milan Březina show how to perform and protect from different attacks in the telecom world, including:
- SIM swapping
- A2P SMS termination with security bypass
- OTP SMS interception
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...PositiveTechnologies
This document discusses security threats and vulnerabilities in 5G standalone networks. It begins by introducing the speakers and providing background on Positive Technologies' experience in telecommunications security. It then outlines various attack vectors such as man-in-the-middle attacks and denial-of-service attacks on the 5G standalone core. The document explains that protocols like PFCP are similarly vulnerable to attacks as previous protocols like GTP. It argues that network operators should focus on prevention to avoid costly security failures. Finally, it discusses the challenges network operators face and how Positive Technologies can help through automated security products and expert services.
GRX is the global private network where telecom network operators exchange GPRS roaming traffic of their users. It’s also used for all M2M networks where roaming is used, and that is the case from some company’s truck fleet management system down to intelligence GPS location spybug tracking system.
GPRS has been there from 2.5G GSM networks to the upcoming LTE Advanced networks, and is now quite widespread technology, along with its attacks. GRX has had a structuring role in the global telecom world at a time where IP dominance was beginning to be acknowledged. Now it has expanded to a lightweight structure using both IP technologies and ITU-originated protocols.
In this presentation, we’ll see how this infrastructure is protected and how it can be attacked. We’ll discover the issues with specific telco equipment inside GRX, namely GGSN and SGSN but also now PDN Gateways in LTE and LTE Advanced “Evolved Packet Core”. We will see the implications of this with GTP protocol, DNS infrastructure, AAA servers and core network technologies such as MPLS, IPsec VPNs and their associated routing protocols. These network elements were rarely evaluated for security, and during our engagements with vulnerability analysis, we’ve seen several vulnerabilities that we will be showing in this speech.
We will demo some of the attacks on a simulated “PS Domain” network, that it the IP part of the Telecom Core Network that transports customers’ traffic, and investigate its relationships with legacy SS7, SIGTRAN IP backbones, M2M private corporate VPNs and telecom billing systems. We will also seem how automation enable us to succeed at attacks which are hard to perform and will show how a “sentinel” attack was able to compromise a telecom Core Network during one penetration test.
Diameter protocol has been introduced to replace in many aspects SS7/SIGTRAN in the LTE and VoLTE networks, and such as these 2G/3G networks, Diameter also has its dedicated global roaming network named IPX (IP eXchange) that allows international roaming for LTE users..
Back in the days Diameter was already used by the PCRF in 2G/3G networks for charging purposes, but its usage has been extended to completely replace the signalization role of SS7/SIGTRAN in LTE networks. SS7/SIGTRAN security flows are now public after several publications, but what about Diameter security ? By replacing old and insecure protocols, does Diameter come with built-in security?
During the presentation, we will study how the IPX infrastructure operates and how security is taken into account nowadays regarding the newest 4G telecom technologies. Getting into different point of view allowed us to find major Diameter vulnerabilities via the IPX, which affect almost all the network elements HSS, MME, GMLC, PCRF, PDN GW, including DNS serving telecom TLDs. Understanding the mistakes that led to a former generation of telecom networks we came out with insecure protocols will maybe help us to push security by design in the future.
Nevertheless, as a telecom provider we will provide recommendations to secure LTE infrastructures and share technical countermeasures we have implemented against different Diameter attacks and fraud scenarios to protect our network and customers. Along with recommendations, we will present some ways on how to self audit and do self monitoring of your network, as we consider that telecom providers need to take back the control of their networks!
Troopers website link: https://www.troopers.de/events/troopers16/653_assaulting_ipx_diameter_roaming_network/
LTE is designed with strong cryptographic techniques, mutual authentication between LTE network elements with security mechanisms built into its architecture.
With the emergence of the open, all IP based, distributed architecture of LTE, attackers can target mobile devices and networks with spam, eavesdropping, malware, IP-spoofing, data and service theft, DDoS attacks and numerous other variants of cyber-attacks and crimes.
This document summarizes GSM architecture and call flows, including inter-MSC and intra-MSC call flows. Inter-MSC call flow occurs between two different MSCs, while intra-MSC call flow is between two BSCs within the same MSC. The inter-MSC call flow involves signaling between the BSC, MSC-O, MSC-T, HLR, and RNC to set up and release the call bearers. The intra-MSC call flow involves signaling between the MS-O, BSC-O, MSC/VLR, MGW, HLR, BSC-T, and MS-T to authenticate, set up, and release call bearers within a single MSC
Sigtran and SS7 over IP technologies allow the transport of SS7 signaling over an IP network. Sigtran defines protocols like SCTP and M3UA that encapsulate SS7 and ensure reliable delivery over IP. A phased deployment strategy migrates SS7 links onto IP in stages to test performance before full conversion. Testing focuses on priority, failure handling, latency, and interoperability to ensure equivalent functionality over IP.
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisP1Security
Telecommunications Infrastructure Security
Getting in the SS7 kingdom: hard technology and disturbingly easy hacks to get entry points in the walled garden. This document discusses vulnerabilities in SS7 that allow unauthorized access to telecommunications infrastructure. It describes how SS7 was designed for reliability over security. It also outlines various entry points like STP connectivity, SIGTRAN protocols, and vulnerabilities in 3G femtocells that can be exploited to conduct attacks. The document warns that the traditional walled garden of telecom networks is opening up due to these issues and becoming harder to secure.
Call flow oma000003 gsm communication flowEricsson Saudi
The document summarizes several key GSM procedures including authentication and ciphering sequence, location update sequence, basic call sequences, and equipment identification. It provides detailed signaling diagrams to illustrate the message flows between different nodes in the network for these procedures.
In 3GPP standards from 3G onwards, all mobile devices that can connect to cellular networks, including smartphones, data cards, hotspots, tablets, and more recently connected devices like cars and fridges, are referred to as User Equipment (UE). UE is an evolution from the term Mobile Station used in earlier 1G and 2G standards, as devices have advanced from simple "feature phones" to include both phone and computing functionality as well as the ability to access the internet from mobile data connections.
Simplified Call Flow Signaling: Registration - The Attach Procedure3G4G
This presentation/video provides an example of the registration procedure. The device or UE needs to let the core network(s) know that it is switched on and active. This procedure is known as registration. The UE can register individually to the CS and PS core networks. Most modern networks allow combined registration (or combined attach) whereby the UE registers only to the PS network and the PS network informs the CS network that the UE is active.
This document contains a presentation given by David Morrow of Vodafone to the i3Forum on fraud issues related to next generation networks. The presentation discusses how next generation networks will separate the bearer network from services, creating challenges for fraud management. Specifically, it notes that next generation networks will involve more complex technologies, dynamic identities, and different billing models than current networks. This will create new opportunities for fraudsters but also require new approaches to fraud detection across both the bearer and services layers.
Unleashing the Power of Telecom Network Security.pdfSecurityGen1
Telecommunications networks face increasing security threats as they converge with IT technologies and rely more on virtualization and third party suppliers. This exposes sensitive subscriber data and critical network functions to risk. Regulators have established guidelines for telecom supply chain security, but recent breaches show these risks are not always adequately addressed. MNOs must implement stringent security for new services like 5G roaming to properly inspect, protect, and detect threats across complex interconnections between networks.
Telecom security from ss7 to all ip all-open-v3-zeronightsP1Security
Telecom security is way more than SIP-breaking some peripheral PBXs and raking a few thousands of dollars of free calls. From the formerly closed garden of SS7 to new all-IP telecom protocols such as Diameter and LTE protocols, the telecom domain faces now both the challenges of availability -one minute of downtime costs literally millions- and signaling vulnerabilities cutting down entire countries, causing massive frauds and the all new networking protocols. These new telecom protocols are rolled out in IP-centric fashion, with its myriad of standard IP security pitfalls and vulnerabilities, as well as very specific telecom vulnerabilities. The HLR is not only using TCP/IP for OAM and business workflow, but also now being named an HSS, it uses IP-only protocols such as Diameter for its Core Network signaling operations. That means that now telecom are facing new security risks both in term of exposure and threats, with its Core Network being exposed to unsophisticated IP-centered attackers, and the continuous waves of telecom-centered defrauders. In this presentation, we'll demo the new technologies of 3G and LTE networks and how to attack and defend them. We'll also show what kind of exposure one telecom companies, Mobile Network Operators and SS7 providers shows to external attackers.
Mobile operators across the globe have already started to roll out their 5G. It is here to stay and so security should be kept it mind ensuring the industry learns from the lessons of previous generous networks.
In 2020 our PT Telecom Attack Discovery (PT TAD) 5G-ready next-generation signaling firewall scored no. 1 on the security market.* Want to find out the reasons behind this accolade, then watch the record of our webinar to learn about an effective approach towards signaling security in the era of 5G.
During the live session Positive Technologies’ experts - Kirill Puzankov, Product Manager and Jimmy Jones, security telecoms expert:
explained how to implement security for Core networks quickly, efficiently and with fewer efforts
showed a demo on how telecom operators could withstand an attack or malicious actions using our next-generation Telecom Attack Discovery signaling Firewall
provided statistics and key trends in signaling security.
* According to ROCCO Signalling Firewall Vendor Performance Report 2020. https://positive-tech.com/research/rocco-report-2020/
Follow us on LinkedIn to keep up with our upcoming webinars and events: https://www.linkedin.com/company/positive-tech/
Dmitry Kurbatov is the CTO of Positive Technologies, a cybersecurity company. He began his career as a network engineer in 2007 before switching to security in 2009. In his presentation, he discusses security issues for 5G and IoT networks. He notes that the virtualized and programmable nature of 5G introduces new vulnerabilities, and that legacy threats to previous cellular standards still apply. Additionally, the massive number of connected IoT devices poses new threats like large-scale botnets. He concludes by providing guidelines for 5G security, including implementing policies separately for each network slice and securing new interfaces from the start.
Telecom incidents investigation: daily work behind the scenesPositiveTechnologies
Telecom providers build, operate, and manage integrated voice and data networks, transmitting and storing vast amounts of sensitive data. With 5G bringing eMBB and expanding the service portfolio of businesses, this volume is set to see a manifold increase, making them a golden goose for hackers.
Active work on the cyberattack prevention side is an absolute must for operators, and threat intelligence is one of the important pillars of robust security.
In this webinar we have an interactive discussion of the most common weaknesses and threats in 4G and 5G networks, plus:
How to implement a smart «risk-driven» approach to security
How to detect traces of cybercrime in signaling networks and prevent suspicious activities in telecom networks
How to make your SOC telecom-oriented
CSIRT and CERT: when it’s time to bring in outside expertise
Philippe Langlois - LTE Pwnage - P1securityP1Security
Today, we’re entering the realm of LTE super high speed always-on connectivity and with that comes the victory of TCP/IP in front of the old ITU/3GPP protocols. And with this comes many side effects: software gets standardized, everything runs on top of ATCA (Advanced Telecom Computing Architecture) hardware running mostly Linux -give or take 6 or 8 proprietary FPGA-based sister cards, TFTP-booted with decade old VxWorks that routinely show hardcoded DES credentials and funny “behaviour”. Easily 20 GB of fat C++ binaries, some for x86, PPC, MIPS, some with up to 200 Mbytes file sizes for one single EXE! It’s called a vulnerability research and reverse engineering paradise… or hell.
All the protocols now run on top of IP, which ends up having 12 layers thanks to encapsulation and still the weight of legacy in bugs quantity and diversity. We’ll see how the porting of SS7 MAP on top of IP (SIGTRAN, Diameter) has given rise to funny Denial of Service (DoS) attacks against telecom core elements (DSR, STP), with trashy-crashy anti-forensics consequences for DPI and tracking (Hey @grugq!!).
We’ll look into specific vulnerabilities, and talk about the very particular way that Network Equipment Vendors deal with security in the telecom domain.
We will demo a virtualized Huawei HSS from our testbed and show some of the vulnerabilities and attacks directly on the equipment itself. We will finally talk about telco equipment and product security reviews and the fallacy of (some) certification and (many) standardization attempts. We will then see how to conduct a practical and fast telecom product security life cycle with automation and open source tools.
Presented by Pierre-Olivier Vauboin & Alexandre De Oliveira at Hackito Ergo Sum 2014
http://2014.hackitoergosum.org/
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Mobile signaling threats and vulnerabilities - real cases and statistics from...DefCamp
Kirill Puzankov in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
User location tracking attacks for LTE networks using the Interworking Functi...Siddharth Rao
This document discusses how location tracking attacks can be carried out in LTE networks using the Interworking Functionality (IWF). It summarizes that while LTE offers good security on the air interface, the Diameter protocol is as insecure as SS7 when it comes to location disclosure attacks. The document shows how SS7 attacks can be ported to LTE/Diameter networks using IWFs, allowing an attacker to obtain a victim's IMSI and track their location down to the cell ID level. It concludes by recommending countermeasures like adhering to security standards and efficient filtering to prevent such IWF-based location tracking attacks.
Telecom under attack: demo of fraud scenarios and countermeasuresPositiveTechnologies
Telecom fraud is booming at an alarming rate worldwide to become a major source of revenue loss for mobile operators. According to the CFSA, mobile operators lost $28 billion to fraud in 2019. SIM swapping has again become a hot-button topic in the telecom industry. This worrying trend is provoking disputes between banks and telecoms and causing harm all around.
Our security experts Sergey Puzankov and Milan Březina show how to perform and protect from different attacks in the telecom world, including:
- SIM swapping
- A2P SMS termination with security bypass
- OTP SMS interception
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...PositiveTechnologies
This document discusses security threats and vulnerabilities in 5G standalone networks. It begins by introducing the speakers and providing background on Positive Technologies' experience in telecommunications security. It then outlines various attack vectors such as man-in-the-middle attacks and denial-of-service attacks on the 5G standalone core. The document explains that protocols like PFCP are similarly vulnerable to attacks as previous protocols like GTP. It argues that network operators should focus on prevention to avoid costly security failures. Finally, it discusses the challenges network operators face and how Positive Technologies can help through automated security products and expert services.
GRX is the global private network where telecom network operators exchange GPRS roaming traffic of their users. It’s also used for all M2M networks where roaming is used, and that is the case from some company’s truck fleet management system down to intelligence GPS location spybug tracking system.
GPRS has been there from 2.5G GSM networks to the upcoming LTE Advanced networks, and is now quite widespread technology, along with its attacks. GRX has had a structuring role in the global telecom world at a time where IP dominance was beginning to be acknowledged. Now it has expanded to a lightweight structure using both IP technologies and ITU-originated protocols.
In this presentation, we’ll see how this infrastructure is protected and how it can be attacked. We’ll discover the issues with specific telco equipment inside GRX, namely GGSN and SGSN but also now PDN Gateways in LTE and LTE Advanced “Evolved Packet Core”. We will see the implications of this with GTP protocol, DNS infrastructure, AAA servers and core network technologies such as MPLS, IPsec VPNs and their associated routing protocols. These network elements were rarely evaluated for security, and during our engagements with vulnerability analysis, we’ve seen several vulnerabilities that we will be showing in this speech.
We will demo some of the attacks on a simulated “PS Domain” network, that it the IP part of the Telecom Core Network that transports customers’ traffic, and investigate its relationships with legacy SS7, SIGTRAN IP backbones, M2M private corporate VPNs and telecom billing systems. We will also seem how automation enable us to succeed at attacks which are hard to perform and will show how a “sentinel” attack was able to compromise a telecom Core Network during one penetration test.
Diameter protocol has been introduced to replace in many aspects SS7/SIGTRAN in the LTE and VoLTE networks, and such as these 2G/3G networks, Diameter also has its dedicated global roaming network named IPX (IP eXchange) that allows international roaming for LTE users..
Back in the days Diameter was already used by the PCRF in 2G/3G networks for charging purposes, but its usage has been extended to completely replace the signalization role of SS7/SIGTRAN in LTE networks. SS7/SIGTRAN security flows are now public after several publications, but what about Diameter security ? By replacing old and insecure protocols, does Diameter come with built-in security?
During the presentation, we will study how the IPX infrastructure operates and how security is taken into account nowadays regarding the newest 4G telecom technologies. Getting into different point of view allowed us to find major Diameter vulnerabilities via the IPX, which affect almost all the network elements HSS, MME, GMLC, PCRF, PDN GW, including DNS serving telecom TLDs. Understanding the mistakes that led to a former generation of telecom networks we came out with insecure protocols will maybe help us to push security by design in the future.
Nevertheless, as a telecom provider we will provide recommendations to secure LTE infrastructures and share technical countermeasures we have implemented against different Diameter attacks and fraud scenarios to protect our network and customers. Along with recommendations, we will present some ways on how to self audit and do self monitoring of your network, as we consider that telecom providers need to take back the control of their networks!
Troopers website link: https://www.troopers.de/events/troopers16/653_assaulting_ipx_diameter_roaming_network/
LTE is designed with strong cryptographic techniques, mutual authentication between LTE network elements with security mechanisms built into its architecture.
With the emergence of the open, all IP based, distributed architecture of LTE, attackers can target mobile devices and networks with spam, eavesdropping, malware, IP-spoofing, data and service theft, DDoS attacks and numerous other variants of cyber-attacks and crimes.
This document summarizes GSM architecture and call flows, including inter-MSC and intra-MSC call flows. Inter-MSC call flow occurs between two different MSCs, while intra-MSC call flow is between two BSCs within the same MSC. The inter-MSC call flow involves signaling between the BSC, MSC-O, MSC-T, HLR, and RNC to set up and release the call bearers. The intra-MSC call flow involves signaling between the MS-O, BSC-O, MSC/VLR, MGW, HLR, BSC-T, and MS-T to authenticate, set up, and release call bearers within a single MSC
Sigtran and SS7 over IP technologies allow the transport of SS7 signaling over an IP network. Sigtran defines protocols like SCTP and M3UA that encapsulate SS7 and ensure reliable delivery over IP. A phased deployment strategy migrates SS7 links onto IP in stages to test performance before full conversion. Testing focuses on priority, failure handling, latency, and interoperability to ensure equivalent functionality over IP.
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisP1Security
Telecommunications Infrastructure Security
Getting in the SS7 kingdom: hard technology and disturbingly easy hacks to get entry points in the walled garden. This document discusses vulnerabilities in SS7 that allow unauthorized access to telecommunications infrastructure. It describes how SS7 was designed for reliability over security. It also outlines various entry points like STP connectivity, SIGTRAN protocols, and vulnerabilities in 3G femtocells that can be exploited to conduct attacks. The document warns that the traditional walled garden of telecom networks is opening up due to these issues and becoming harder to secure.
Call flow oma000003 gsm communication flowEricsson Saudi
The document summarizes several key GSM procedures including authentication and ciphering sequence, location update sequence, basic call sequences, and equipment identification. It provides detailed signaling diagrams to illustrate the message flows between different nodes in the network for these procedures.
In 3GPP standards from 3G onwards, all mobile devices that can connect to cellular networks, including smartphones, data cards, hotspots, tablets, and more recently connected devices like cars and fridges, are referred to as User Equipment (UE). UE is an evolution from the term Mobile Station used in earlier 1G and 2G standards, as devices have advanced from simple "feature phones" to include both phone and computing functionality as well as the ability to access the internet from mobile data connections.
Simplified Call Flow Signaling: Registration - The Attach Procedure3G4G
This presentation/video provides an example of the registration procedure. The device or UE needs to let the core network(s) know that it is switched on and active. This procedure is known as registration. The UE can register individually to the CS and PS core networks. Most modern networks allow combined registration (or combined attach) whereby the UE registers only to the PS network and the PS network informs the CS network that the UE is active.
This document contains a presentation given by David Morrow of Vodafone to the i3Forum on fraud issues related to next generation networks. The presentation discusses how next generation networks will separate the bearer network from services, creating challenges for fraud management. Specifically, it notes that next generation networks will involve more complex technologies, dynamic identities, and different billing models than current networks. This will create new opportunities for fraudsters but also require new approaches to fraud detection across both the bearer and services layers.
Unleashing the Power of Telecom Network Security.pdfSecurityGen1
Telecommunications networks face increasing security threats as they converge with IT technologies and rely more on virtualization and third party suppliers. This exposes sensitive subscriber data and critical network functions to risk. Regulators have established guidelines for telecom supply chain security, but recent breaches show these risks are not always adequately addressed. MNOs must implement stringent security for new services like 5G roaming to properly inspect, protect, and detect threats across complex interconnections between networks.
Strengthening Your Network Against Future Incidents with SecurityGenSecurityGen1
Prevention is the cornerstone of a resilient network defense strategy. SecurityGen empowers you to take a proactive stance against potential incidents, fortifying your network against future threats. This segment outlines the proactive defense mechanisms offered by SecurityGen, highlighting how these measures can bolster your network's security posture and provide peace of mind in an ever-evolving digital landscape.
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceSecurityGen1
The digital age has redefined the way we communicate, relying on a complex network of telecommunications infrastructure to bridge distances and connect individuals, organizations, and nations. However, as the reliance on these interconnected systems grows, so does the potential for cyber threats to disrupt these vital connections. "Telecom Cybersecurity" takes center stage as the safeguarding force that strengthens the resilience of these networks against cyberattacks and breaches
In 2020, many telecommunication companies will debut their first commercial 5G networks. The 5G mission has become a hot-button topic for the entire telecom community. But these networks have inherited many threats from their 3G and 4G forebears. Long-known weaknesses in security protocols and algorithms have been baked into new 5G systems. This creates a perfect storm for threat actors to target 5G security weaknesses using their old tricks.
Watch the webinar recording, where PT experts Paolo Emiliani, Head of Pre-Sales Engineering team, and Jun Kim, Managing Director, Korea, help you to navigate the tricky path to 5G deployment and:
explain new 5G trust and service delivery models
assess the evolving 5G threat landscape and privacy issues
explore realms of 5G protection with a focus on real-life cases
discuss new and emerging 5G threats affecting telecom infrastructure and end devices
explain why roaming protection in 5G is a game-changer
underline essential mitigation techniques for 5G security
Follow us on LinkedIn to keep up with our upcoming webinars and events: https://www.linkedin.com/company/positive-tech/
Security course: exclusive 5G SA pitfalls and new changes to legislationPositiveTechnologies
This document provides information about Positive Technologies, a leading cybersecurity company focused on telecom security. Some key points:
- Positive Technologies has 19 years of experience in enterprise cybersecurity R&D and 9 years focused on telecom security. It has two R&D centers in Europe.
- The company performs over 60 security assessments per year for telecom operators and was the first vendor focused on end-to-end cybersecurity for mobile operators.
- Positive Technologies has a global presence with offices in 10 countries and has performed projects in 41 countries.
- As a pioneer in signaling security research, the company has published numerous reports on vulnerabilities in 2G-5G networks and standards over the past
The document discusses cybersecurity trends in South Africa. Some key points:
1. South Africa has a growing cybersecurity market due to increasing digital transformation and cyber attacks targeting sectors like financial services and healthcare.
2. The cybersecurity market in South Africa is expected to grow from $667 million in 2017 to over $1 billion by 2022, as enterprises allocate more of their IT budgets to security.
3. Common causes of data breaches in South Africa include malicious attacks and human errors, with the financial cost estimated to be around $200 million per year.
This survey of over 100 Hong Kong fintech companies in 2017-2018 found that:
- A majority had medium cybersecurity risks with scores over 6000 but below 8000.
- Over 1/3 had not configured SPF and over 3/4 had not configured DKIM or DMARC, leaving them vulnerable to phishing.
- 70% had not set up a privacy policy or terms page on their site, risking noncompliance with GDPR.
- 42% were susceptible to the CRIME SSL vulnerability and under 7% to POODLE, showing risks from outdated encryption.
- Over half had vulnerabilities like lack of XSS protection, WAF, or HTTPS that could enable attacks.
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdfSecurityGen1
GTP vulnerabilities pose risks to 5G and LTE networks. The study found that:
1) Most networks exhibited some GTP vulnerabilities and over half had medium security levels.
2) Common attacks like fraud, data interception, and subscriber DoS succeeded in many networks.
3) Very few networks implemented robust security measures like GTP firewalls, and most lacked any security monitoring.
4) The lack of comprehensive security measures leaves networks exposed to serious threats. Stronger protections are urgently needed.
GTP vulnerabilities pose risks to 5G and LTE networks. The study found that:
1) Most networks exhibited some GTP vulnerabilities and over half had medium security levels.
2) Common attacks like fraud, data interception, and subscriber DoS succeeded in many networks.
3) Very few networks implemented robust security measures like GTP firewalls, and most lacked any security monitoring.
4) The lack of comprehensive security measures leaves networks exposed to serious threats. Stronger protections are urgently needed.
Secure Your Network with Confidence Understanding - GTP Protocols by Security...SecurityGen1
SecurityGen leads the way in shaping the future of mobile network security through its GTP (GPRS Tunneling Protocol) protocols. Engineered with precision and backed by extensive research, these protocols are the cornerstone of SecurityGen's commitment to securing communication channels. As mobile networks continue to play a pivotal role in our interconnected world, SecurityGen's GTP protocols emerge as a vital safeguard against potential vulnerabilities.
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...Security Gen
The rapid evolution of mobile technologies has revolutionized our daily lives, making
mobile networks an essential part of modern society. However, as mobile networks
continue to advance, they have also become prime targets for malicious actors
seeking to exploit vulnerabilities for their malicious purposes.
6 Key Findings Security Findings for Service ProvidersNETSCOUT
While DDoS attacks evolve in size, volume, frequency, and complexity each year, attackers never stray from one bedrock principle: If it’s important to network operators and enterprises, it’s important to them.
As a mobile operator, how do you unlock the revenue potential of A2P SMS? – In our latest whitepaper learn how deploying an SMS Firewall can combat grey routes, spoofing, spamming and other threats—the perfect first step in generating revenues from A2P messaging!
As a mobile operator, how do you unlock the revenue potential of A2P SMS? – In our latest whitepaper learn how deploying an SMS Firewall can combat grey routes, spoofing, spamming and other threats—the perfect first step in generating revenues from A2P messaging!
Cataleya-Security-Feature_SAWC_April2016page-20-23Jacqueline Fick
This document discusses network security issues for mobile network operators (MNOs) in Africa. It notes that as smartphone adoption increases across Africa, network security remains a high priority for MNOs due to threats like cybercrime and fraud. Common security issues include SIMbox fraud, which involves using boxes of SIM cards to make illegal international calls. The rapid growth of mobile services in Africa has outpaced the development of robust security systems, making networks and customers vulnerable. MNOs are fighting back against fraud through measures like seizing SIMboxes and tightening SIM security, but will need more integrated security approaches to address evolving threats from domestic and international criminals.
2014 march falcon business fraud classification model (3attendees)jcsobreira
The document describes a new Fraud Classification Model (FCM) proposed by ZonOptimus for the telecommunications industry. The FCM differentiates between fraud enablers, which are the vulnerabilities exploited to access networks or services, and fraud types, which are the actual fraudulent activities. It was presented to several industry groups including TMForum, GSMA, CFCA, and FIINA. These groups updated their fraud reporting templates based on the FCM's core concepts of separately classifying enablers and types. The document also provides details on how fraud cases would be registered and classified using the FCM framework.
This is because many VoLTE networks are launched with weak security setups. This oversight leaves them vulnerable
to hackers, who can penetrate the IMS network, engage in fraud, and disrupt service availability. What's more, as
VoLTE networks expand their reach for roaming, these vulnerabilities are no longer confined to one country but expose
VoLTE services at global scale.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
Must Know Postgres Extension for DBA and Developer during MigrationMydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
High performance Serverless Java on AWS- GoTo Amsterdam 2024Vadym Kazulkin
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
"NATO Hackathon Winner: AI-Powered Drug Search", Taras KlobaFwdays
This is a session that details how PostgreSQL's features and Azure AI Services can be effectively used to significantly enhance the search functionality in any application.
In this session, we'll share insights on how we used PostgreSQL to facilitate precise searches across multiple fields in our mobile application. The techniques include using LIKE and ILIKE operators and integrating a trigram-based search to handle potential misspellings, thereby increasing the search accuracy.
We'll also discuss how the azure_ai extension on PostgreSQL databases in Azure and Azure AI Services were utilized to create vectors from user input, a feature beneficial when users wish to find specific items based on text prompts. While our application's case study involves a drug search, the techniques and principles shared in this session can be adapted to improve search functionality in a wide range of applications. Join us to learn how PostgreSQL and Azure AI can be harnessed to enhance your application's search capability.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
What is an RPA CoE? Session 2 – CoE RolesDianaGray10
In this session, we will review the players involved in the CoE and how each role impacts opportunities.
Topics covered:
• What roles are essential?
• What place in the automation journey does each role play?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
SS7: the bad neighbor you're stuck with during the 5G migration and far beyond
1. DURING THE 5G MIGRATION AND FAR BEYOND
SS7: THE BAD NEIGHBOR YOU'RE STUCK WITH
2. Speakers
FEDERICO AURELI
Technical Security Specialist
Member of Expert and Delivery Team
15 years experience in Cybersecurity
MILAN BŘEZINA
Telecom and SMS fraud expert
Gained Ph.D. Of Telecommunication in 2007
12 years experience of Messaging and Security
3. Agenda
About us
Migration process
Statistics about your neighbour
Real examples (demo)
GDPR and our privacy
Our answer to migration
4. Positive Technologies
18 years
of experience
in security development
and research
200+
zero-day vulnerabilities
discovered yearly
Recognised global security driving force
+ others
UK, London (Headquarters)
Italy, Rome
Czech Republic, Brno
Russia, Moscow
Brazil, Sao Paulo
South Korea, Seoul
Global presence
5. Analytics and research
Responsible disclosure — responsible attitude
2014
Signaling System 7 (SS7)
security report
2014
Vulnerabilities of mobile
Internet (GPRS)
2016
Primary security threats
to SS7 cellular networks
2017
Threats to packet core
security of 4G network
2017
Next-generation networks,
next-level cybersecurity
problems (Diameter
vulnerabilities)
2018
SS7 Vulnerabilities and
Attack Exposure Report
2018
Diameter Vulnerabilities
Exposure Report
2019 5G Security Issues
2020
SS7 network security
analysis report
2020
Security assessment
of Diameter networks
2020 Threat vector GTP
6. Now what can a Hacker do?
Easily
From
anywhere
Any mobile
operator
No special
skills needed
Steal your money
Get access to your
email and social media
Track your location
Intercept your data, calls
and SMS messages
Take control of
your digital identity
From
GSM to 5G
Different Protocols
Same Threats
Perform massive denial
of service attacks
7. Realities: the question
is not “will I be hacked or not” ...
of SMS messages
can be intercepted
9out of 10
of networks fail to
prevent bypass of
Firewall protections
67% ALL
LTE networks are
vulnerable to denial
of service attacks
hours
average subscriber
down-time after
a DoS attack
3
…the question is “when it will happen
and how painful will it be”
11. 5G Roaming zoom-in
SEPP SEPPROAMING
PARTNER
HOME
OPERATOR
VISITING
NETWORK
HOME
NETWORK
Data
network
12. Evolution of mobile technologies
Analogue
1980 1991 1999 2001 2005 2010 2017
1G 2G 2.5G+ 3G 3.5G 4G 5G
SS7
GTP
SIP
4.5G
APIs
Diameter
2019
Continual introduction of new use cases, change of importance to society
18. Under 1 in 4
Firewalls were
able to successfully
secure the network
57% of SMS
Rome Routing
Platforms can
be circumvented
SS7 By-Pass Statistics
19. Percentage of successful attacks aimed at disclosing a subscriber's location
Subscriber location disclosure
Vulnerabilities exposing IMSIs
(percentage of successful attacks)
20. Percentage of successful attacks aimed at disclosure of subscriber informationVulnerabilities exposing IMSIs
(percentage of successful attacks)
Subscriber information disclosure
21. Percentage of successful attacks aimed at network information disclosureVulnerabilities allowing network information
disclosure (percentage of successful attacks)
Network information disclosure
24. COMPONENT PORTION — OPTIONALCOMPONENT PORTION — OPTIONAL
Example: Double MAP attack
STP
SS7 FW
MSC/VLR
PBX
TCAP Begin
Data_REQ
Data_REQ
Inspect the first component only and
forward the message to the network
Send the message to the
SS7 FW for inspection
TCAP MESSAGE TYPE — MANDATORY
TRANSACTION IDS — MANDATORY
DIALOGUE PORTION — OPTIONAL
COMPONENT 1
COMPONENT 2
26. Percentage of successful call and SMS interception attempts
The interception
of SMS messages
is one of the
greatest threats
facing mobile
operators today.
When this information is leaked, it can seriously
damage an operator's reputation in the eyes
of clients and lead to significant losses.
Example: Interception of SMS
28. GDPR as additional risk
And this fact provides
an opportunity for unscrupulous
actors to take advantage…
Could telecom operators be at
additional risk?
Beyond internal data safeguards, information
obtainable via unprotected telecom networks could also
constitute a breach.
Huge fines:
€10M–€20M, or 2%–4%
of annual revenue,
whichever is greater.
29. Identification &
Contact Information
Metadata Location Information
Metadata Traffic Information
Subscription Information
Financial &
Content Information
Internal Identifier
GDPR & Telecom Networks
TELEPHONE NUMBER
CELL ID, CELL TOWER LOCATION
LIST OF SERVICES TO WHICH A
CUSTOMER HAS SUBSCRIBED (PROFILE)
SERVICE ID (NA OR MSISDN),
DEVICE ID (EMEI, IMSI)
IP ADDRESS, APN
SMS & CALLS
30. MNO/MVNO
SIGNALING
NETWORK
1. Attacker gathers any information
possible from the target network
2. All information is used to create
as big a database of information
as possible from the target
operator
3. Attackers informs target operator
of breach, demanding a ransom
to not expose stolen data
4. Operational and
administrative overhead
plus reputational
damage as Customer
Notification completed
5. If no monitoring solutions
are in place to check
claim, no choice but to
inform GDPR regulator
6. Possible severe
fine: €10M–
€20M, or 2%–
4% of annual
revenue
Example how to exploit GDPR
31. Detect
Non-stop real-time threat detection is essential for
verifying the effectiveness of network security and
supporting rapid detection and mitigation
Respond
Completely secure your network by addressing both
generic vulnerabilities (GSMA) and the threats that
actually affect you as part of an ongoing process.
Audit
Auditing provides essential visibility to fully
understand your ever-changing network risks.
Audit
Detect
Respond
Start your new mission today
32. V V V
NgFWFW/IPSIDS
Full solution, Full
protection
IDS + FW modules
(NgFW)
Bypass analysis
True Network visibility,
continuously monitoring and
advanced analytics.
Augments already existing
FW investments if present
Optional FW/IPS
module available by
simple licnese
upgrade from IDS
installation or as
standalone solution
PT TAD: Full Protection Visibility
33.
34. ENISA estimates that only
30% of EU operators have
implemented GSMA
security guidelines
GSMA COMPLIANCE
CHECK
The quickest way to ensure
compliance with GSMA
FS.11
FS.19
IR.82
35. Recap
5G NSA SECURITY IS IMPOSSIBLE WITHOUT
SIGNALLING LEVEL PROTECTION
CHALLENGING MIGRATION
TURN THE NEGATIVE STATISTICS
FULL SECURITY REQUIRES FULL VISIBILITY
A: Welcome everyone. My name is Federico Aureli and I work in Positive Techologies since 2016. I‘m member of Expert and Delivery Team. Considering In pair everything goes better, today I‘m glad to be here with my colleague Milan. Ciao Milan.
B: Ciao Fede. I agree with you. Let me introduce myself. Its been my seconds seasson in PT but I gained lot of experience of messaging and security in my previous life. I hope I will learn something new today. So This is us - indeed more can be found in our private Linked-In accounts.
A: Anyway we are proud we can work for this great company
B: Here comes the agenda for today. Let me remind you any time you feel bored you might seek for any other fancy webinars on our PT – YouTube channel, from all I can recommend the one about 5G and calling Huston.
This my favourites one, english guy trying to convince people living in London to not destroy newly installed 5G antennas.
A: Good point for everyone on this call, 5G antennas has nothing to do with Corona virus or Brexit – really ...
B: A little about us.
PT is a company which puts the research on the center of all its activities. This is our key differentiator all we get from research is further propagated into our product and services portfolio.
A: Researching Vulnerabilities on different environments, from more standard ones like IT, Web Applications to more niches one like Telecom and IoT, Industrial, banking & payment systems. Active participation in regulator bodies such as GSMA.
B: As you can see and I think we repeat this over and over, we are researcher, If you are interesting in any of our recpent papers, go and visit our web positive-tech.com
A: If Iam not mistaken, this year we‘ve released SS7, Diamater and GTP papers
B: You remember it correctly
A: Let‘s see at this picture about what an hacker can do using SS7 flaws. Consider that SS7 is used by over 800 global telecoms, it’s insecure because when it was created it has no security in its design and nowadays it can still be easily compromised by hackers**
B: Looks like hackers can do almost everything,
A: You are right, there is pretty large perimeter of what can be done through your SS7 neighbors but it‘s not only limited to SS7, the other signaling guys are vulnerable the same way.
B: A scary slide I would say
A: But this is the reality
B: What takes 3 hours to recover the DoS ?
A: We‘ll see this in next slides, but you know better than me that this is an average time based on our experience. Sometimes processes make the recover phase even more challenging
B: let me once more touch 5G antennnas in UK, this was a first step of every MNO I know on the transformation way. They build up new radio and keep the exisitng EPC, but beside they probably already have virtuallized 5G core.
A: So even with 5G RAN you still communicate on 4G or 3G to your roaming partner?
B: Thats correct, you can aslo add IPX providers this is also a significant group
A: I see
A: but in case of 5G SA core the story changes and EPC is used for Partners and Internet
B: Even LTE-only networks using the Diameter protocol instead of SS7 or even next-generation 5G networks must interconnect with previous-generation networks.
A: Yes, and for this reason all partners or emerging MNO using SS7 needs to be supported. This is the so-called fallback
B: Or better backward compatibility
A: What about roaming?
A: This is the ideal world where everyone uses 5G
B: Whats this? Better to simplified that....
A: Let‘s have a simplified zoom…click
B: In the ideal world everyonce uses SEPP and that time we are happy and can go home.
A: Sorry but since March I work constantly from home, did you forget Corona virus?
B: aaa you right, anyway this is a nice vision – Every one is happy, but fallback or backward compability makes this more complicated
A: Do you think that SEPP will take dacades to be adopted by all the roaming partners?
B: Unfortunately I think so. SEPP will properly work only in case where both parties adopt 5G technology, so we‘ll need a lot of time before we‘ll see such communication scheme fully working.
A: Before to talk about new network generations, let‘s have a look to the „G“ evolution
B: sure, as you can see it started by SS7, its been almost 3 decades and SS7 is still worth to consider
A: So we still need to count with SS7. Now let‘s see the market penetration of each technlogy, this might be interesting
– next page
B: I dindt expected this. SS7 (Signaling System No. 7) is a set of protocols governing the exchange of signaling messages on control plane.
A: The issue with SS7 is that it’s no longer isolated as it was when implemented: it can be accessed by both legitimate operators and by illegitimate attackers, which is stil true.
B: You could think that everything is going to finish with the progressive implementation of 5G, but it’s not true until at least 2025 SS7 will continue significant player. But I suppose its vulnerabilities have been mitigated during all this time…
A: Can you see any significant progress within last 3 years?
B: Progress maybe, but if significant hard to say
A: As you can see, in our 2018 analysis of SS7 vulnerabilities, we noted gradual security improvements in SS7 networks.
B: Operators are still taking steps to improve security, but it seems they are doing without a systemic approach needed to compensate for those flaws.
A: You‘re right and so long as this remains the case, there will be gaps in security that can be exploited by attackers. Let’s have a look to Diameter…
B: please don’t ask me whether I see any improvement.
A: Don’t worry, I wont. As everyone see, The last two years have brought almost no improvement in the security of Diameter networks. All the tested networks were vulnerable to denial of service, which pose a direct threat even to IoT devices.
B: Non Stand alone 5G means subscribers counting on the advantages of 5G, including improved security, are still susceptible to 4G threats.
A: Do you know why we didn’t see the expected improvements?
B: I can imagine. Something related to security feature implementation?
A: Yes, but not only. These security features, even when installed and implemented, are not always correctly configured, which creates security gaps. Thus, the increased number of successful attacks in 2019 was due to both a general lack of traffic filtering and blocking systems as well as security gaps that allowed attackers to bypass these systems. In almost half of the networks studied, configuration errors in equipment at network boundaries allowed illegitimate requests to bypass.
B: Exactly. Just as an example for our audience, SMS Home Routing, which is used to guarantee proper routing of terminating SMS messages, even if strictly speaking is not a security feature, its use does prevent some attacks aimed at disclosing subscriber information and operator network configurations. But if it’s not rightly implemented and maintained you can have a false sense of security…
A: GTP protocol is more recent. As seen in the prevoius slide, it has been introduced in 2001 but it seems to suffer almost the same security issues…
B: Yes, Fede, you‘re right. Based on our researches on the field, even GTP can be a threat vector. DoS and Fraud are still possible and the main flaw is that the user actual location is not checked and this is responsible for half of successful attacks
A: Impressive. I suggest to our guests to visit Positive Technologies web site and download the full research: a lot of interesting stuff there.
A: Need more?
B: Only if you show me positive numbers
A: All my numbers are positive....
B: I see, positive numbers, i miss the year here?
A: All the statistics w‘re going to show now are average numbers from our security assessments from years 2019 and 2018
B: Let me ask then a question, how many assessment we made last year?
A: 76 security assessments
B: not bad, this is then a representative sample
A: Yes, and as you can see in these delicious donuts, only 25% percent of firewall and more than half SMS Home Routing Solutions were able to secure the network
B: …impressive. So, it‘s not only important to have the right equipment, but it‘s important to configure it properly and maintain it up to date. This is really important
A: In the past two years, the number of networks in which an attacker can track a subscriber's location has grown.
SS7 filters can be bypassed due to config issue, outdate DB, etc
B: Does this mean that Attackers can make changes in a subscriber's profile that allow them to receive information about the subscriber's location every time that subscriber makes a call?
A: Yes,it does. The ability for attackers to track a subscriber's location is directly related to a fundamental flaw in SS7 architecture. In certain cases it is impossible to establish whether a subscriber is affiliated with the network from which a signaling message originated.
B: And if I understand this correctly, to prevent attacks, it is essential that filtering is correctly configured on end-user equipment and at network boundaries. In addition, signaling messages must be constantly monitored and analysed.
A: you learn quckly....and it‘s not all…
B: yet another disclosure, I see
A: Exactly. However, operators are well-informed about this problem and they’re taking protective measures to prevent the disclosure of this information. Most methods used to disclose IMSIs require signaling messages that should not ever come from external networks, so it is not particularly difficult to block such attacks.
B: So , Generally, an attacker must know a subscriber's IMSI (International Mobile Subscriber Identity) as well as network equipment addresses in order to carry out an attack.
A: Yes, it’s usually the first step for the majority of attacks. And it’s not the only interesting disclosure can happen. Let’s see another disclosure example
B: Who cares about Network disclosure and why?
A: In our study, the majority of successful attacks utilized the absence of signaling traffic filtering or bypassability of SMS Home Routing.
B: This means, Information about network configuration is necessary for most attacks, which motivates attackers to seek out the addresses and functional roles of network equipment.
A: exactly. In isolated cases, attackers having such information also succeeded in bypassing the filtering of specialized security features.
B: My lovely DoS, for some reason these have my sympaty - Attacks are generally carried out via requests aimed at changing settings in a subscriber's profile.
A: And it‘s not all…In some cases, restarting the subscriber's device is not enough to re-establish a connection—the subscriber has to actually change the network settings by hand or going to a different location in order to reconnect to another MSC.
B: aaa Fraud, I was waiting whether you should me this or not
A: Why not? Every network that we tested in 2019 exposed vulnerabilities that could be exploited in financially-motivated attacks targeting both telecom providersand their clients with money loss for both
B: Enough numbers, give me example a show me more
A: As you wish
B: Can you imagine,someone gives you more than you expect?
A: I can. Let‘s see this kind of attack, it‘s named double MAP.
B: what is it exactly?
A: The TCAP message is composed by several portions, some of them mandatory (click) and others just optional (click). The intruder craft a special message with two different operations inside to bypass security measures.
B: How the equipments react to this?
A: Imagine, as an example, the first operation is InsertSubscriberData without an identifier of subscriber. The second operation is DeleteSubscriberData with the target subscriber IMSI. The attacker sends this message to the target network (click). The STP receives the message and sends it (click) to the SS7 firewall that inspects the first component only, defines that it does not have an identifier, (click) and forwards to message to the destination node. As easy as to stole an ice cream to a child.
B: So using this you fool STP as well as Firewall, excellent.
A: Do you want to see this in reality?
B: Yes, please
A: Live demo are always challenging, so let’s pray for the God of demo to avoid something unexpected happens
B: here I know this.... This is related to 2 Factor Authentication, am I right?
A: Not necesarilly, but partialy you are right. In fact much more can be done with interception,you want to see an example?
B: Yes please
A: What about GDPR impacts of all this?
B: Let’s have a look to the next slide
- NEXT SLIDE -
A: By this slide we open a really huge topic called GDPR.
B: Looks like a variation of GPRS
A: Something like this, it was not a common to build security by the law/design especially if you work in IoT industry
B: But I guess the time is here, am I right? If I look at issues connected to SIM SWAP, FRAUD, stolen identity ... This becomes a serous problem
A: Beyond internal data safeguards, information obtainable via unprotected telecom networks could also constitute a breach.
B: And this fact provides an opportunity for unscrupulous actors to take advantage…
A: Indeed, can you imagine huge fines:€10M–€20M, or 2%–4% of annual revenue, whichever is greater.
B: Something like this. It defines, among others, the concept of „Security by design“. Everyone should implement infrastructure taking security in a very serious consideration. It was not a common to build security by the law/design especially if you were in IoT industry
A: But I guess the time is here, am I right? If I look at issues connected to SIM SWAP, FRAUD, stolen identity ... This becomes a serous problem
B: Beyond internal data safeguards, information obtainable via unprotected telecom networks could also constitute a breach.
A: And this fact provides an opportunity for unscrupulous actors to take advantage. Furthermore, besides reputational loss, fines for violations are really huge: up to €20M or 4% of annual review.
A: Here just a small list of the GROUPS AND THE ATTACKS THAT can be done
B: We are aware of over 20 major personal data groups which all contain various quantities of individual data types.
A: Maybe you want to ask for an example on how to exploit all of this?
B: Fede, can you give me an example please?
NEXT slide
A: Let‘s describe a potential way
A: 1, 3, 5
B: 2, 4, 6
B: So, is there any solution or better right apprach to minimaze the impact of all we‘ve spoken so far?
A: Yes, here you are
HOW A HACKER CAN DO IT C=GAIN LOST OF INFORMATION
A: Telecom Operators should implement a virtuous circular process like the one shown in this slide
B: Audit, Detect and Respond. BTW nice circle very similar to square
A: What is important to underline is that this process is continuous and should not be done only once.
B: Yes, the network changes constantly, evolves, new functions are added. The attack surface can change. For this reason this squared circle flow should be constant.
A: …and our technology can help our Customers…
NEXT SLIDE
B: I always wanted to know how Lego‘s bricks stick together.
A: I think all you need to know is that if you put them together they really stick
B: But this slide is not about Lego it shows that 1+1 can be more than 2 if you combine right products
NEXT SLIDE
A: You are totally right, alone with IDS or IPS you never get such a comprehensive view of your network and significant advantage to combat against incoming threats. Our Firewall combined with our best-in-class intelligence has been recognized as top-tier signaling technology for the second year in a row.
B: It’s absolutely great!! So 1+1 it’s equal 3 in this case. But what if also due to Corona virus can‘t invest, can I get something let say for FREE?
A: For Free? You know what? Yes you can get our GSMA free of charge compliance check of your SS7 signaling network.
B: really? But what’s the difference between paid and free service?
NEXT SLIDE
A: As you can see up to 75 test cases will be used for our GSMA Compliance Check
B: Very interesting, but what about if I don't want to touch my running configuration
A: You don't need to do, everything is done remotely just to check real life scenarios in the safest possible way
B: Amazing what about report?
A: This is the final stage where we deliver the report to you.
B: I see I can get a lot of information. Which are the sources you refer to run these checks?
A: Our Compliance check is based on GSMA guidelines and it’s composed by up to 75 tests.
B: Great to know. ENISA estimates only 30% of EU operators have implemented such security guidelines. Very interesting, but what about if I don't want to touch my running configuration
A: You don't need to do, everything is done remotely just to check real life scenarios in the safest possible way
B: And if I need more?
A: If you need more, you can ask for further services like our Telecom Security Audit where our experts perform deeper checks and also bypass techniques are tried.
B: I heard about it, it‘s very useful to dig deeper on my signaling network and have a full picture of my security posture
B: We almost are running out the time , so let’s recap we have learnt from this call
B: Don’t forget that 5G NSA it uses previous generation backend
A: Exactly for this reason, migration to 5G might be very challenging and SS7/Diameter vulnerabilities can‘t be forgotten
B: We need to push MNOs to turn the negative trend. Security features must be always keep updated and well configured
A: Privacy always first. Regulations are going to be strict and users requires it always more
B: and Full visibility is the must these days...with PT TAD it’s easier than has ever been, Ill pauze here
and this is all from me and Federico, now its your turn, you can ask your questions.
BTW: if you liked our webinar, let it know to your friends, if not, tell it to us