About the company
PJSC VimpelCom (marketed under the “Beeline” brand in Russia) is a part of VimpelCom Ltd., an international communications group offering mobile and landline telephony, wired and wireless high-speed Internet access, and IPTV to over 200 million clients worldwide.
After years of security through obscurity, telecom security has appeared on the radar screen. Subscribers are using more and more new services, and almost every new gadget has mobile Internet connectivity. But the core for all this communication—the SS7 signaling network—was developed 40 years ago, and integrating new technologies with legacy systems creates some serious security issues.
Vulnerabilities in SS7 make it possible for an attacker anywhere in the world to track the location of a mobile phone, disconnect a subscriber, intercept SMS messages, and even eavesdrop on conversations. Positive Technologies experts assessed many SS7 networks security in 2015–2016 and found troubling results: subscribers could be geotracked on 58% of analyzed networks, have their incoming SMS messages intercepted on 89% of networks, and have their voice calls intercepted on 50% of networks.
Of course, it’s impossible to overhaul the existing infrastructure and protocols in a day. That is why it is so important to perform a detailed audit of SS7 networks and related components, as well as quickly identify attacks targeting mobile infrastructure and subscribers and undertake mitigating measures.
PJSC VimpelCom serves over 58 million mobile subscribers, making reliability an absolute priority. The growing number and scale of external threats forced the company to take a fresh look at how to keep its network safe. Several of the key challenges included:
- Get an unbiased picture of the protection level of the mobile network and subscribers in order to analyze the existing risks.
- Devise methods for mitigating the highest-priority threats.
- Decide on methods to monitor network security and detect illegitimate use of the network.
With the results of the security audit and information on real-world attacks observed on the network, VimpelCom and Positive Technologies were able to prevent denial of service, fraud involving theft of funds from subscriber accounts, and more. The experts at Positive Technologies developed an action list for counteracting the most important and high-priority threats. Cooperation continues with plans to optimize network equipment configuration for improved resilience to attacks, build a vulnerability management process, and set up continuous security monitoring of illegitimate network activity.