Positive Technologies took part in a telecom cybersecurity event at La Plata University, La Plata City (Argentina) on June 4–5. The company's experts surveyed the current state of security of signaling networks and attack statistics, in addition to holding a hands-on workshop on signaling protocol vulnerabilities.
On June 4, Dan Tara, VP Telecom Security at Positive Technologies, told about myths and reality in the context of SS7/LTE security. Dan also shared statistics about attacks on critical national infrastructure through mobile carriers. For example, research by Positive Technologies shows that all tested telecom networks contain critical vulnerabilities allowing intruders to track subscriber location and cause denial of service. One in three networks is at risk of fraud against operators. The talk also outlined emerging security trends and steps that governments and regulators can take to better secure signaling networks worldwide.
On June 5, Positive Technologies presenters Dmitry Kurbatov, Head of the Telecom Security Department, and Dan Tara, VP Telecom Security, held a workshop on signaling security. Discussion centered on the history and development of security mechanisms on signaling networks, current flaws, and possible attacks, as well as measures that can be applied to mitigate security risks.
Most flaws detected on telecom networks involve more than just misconfigured or vulnerable equipment—they are caused by fundamental issues in the SS7, and now Diameter, protocols. Security measures must be comprehensive and carefully considered: regular auditing of network security, updating of security settings, continuous monitoring and analysis of signaling traffic, timely detection of illegitimate activity, and early response to emerging threats.