Diameter vulnerabilities in the spotlight
June 13, 2018
Despite all the protection mechanisms in the Diameter protocol, networks and subscribers are still at risk. Attackers can exploit numerous SS7 vulnerabilities to successfully track subscriber location, cause denial of service, disconnect thousands of users, or downgrade connections to 3G. Here is our list of recommendations to mitigate security risks both for end users and operators.
SS7 vulnerabilities in the spotlight
March 5, 2018
The vast majority of SS7-based networks contain severe vulnerabilities. Criminals can intercept subscribers' voice calls and messages, commit fraud, and disrupt service availability. Check out our take on current SS7 security threats and recommendations for minimizing the odds of a successful attack.
Threats to packet core security of 4G networks
September 28, 2017
Billions of people worldwide use IoT infrastructure. However, manufacturers of IoT devices still give short shrift to security. Mobile operators tend to be poorly prepared for modern threats. Hackers can use multiple vulnerabilities in 4G networks to conduct attacks, including interception of text and email messages, call eavesdropping, and blocking of connections. Read our report regarding the main security threats to the centerpiece of 4G (LTE) networks.
Next-generation networks, next-level cybersecurity problems
August 8, 2017
In the last few years, mobile operators have made significant CapEx investment in next-generation networks. This includes switching from the SS7 signaling protocol, which dates back to the '70s, to Diameter. But even the newer protocol contains flaws that enable an attacker to eavesdrop, track location, and commit fraud, theft, and worse. Steps must be taken to safeguard against doomsday scenarios.
Primary Security Threats for SS7 Cellular Networks 2016
May 10, 2016
SS7 exploits can turn a cell phone into an open book, allowing an attacker to read messages, track a subscriber’s location, and eavesdrop on and redirect calls. This technique is now available not only to intelligence services, but to an average hacker as well. In 2014, we described in detail security issues in signaling networks. This report contains a security analysis of SS7 networks for various operators with a subscriber base of 10 to 70 million.
Vulnerabilities of Mobile Internet (GPRS)
August 13, 2014
Modern mobile networks facilitate the most convenient access to the Internet without the need for static infrastructures. People can access email, messengers, social networks, and online stores whenever and wherever they need it. A range of businesses use mobile Internet for remote administration, financial operations, e-commerce, M2M, and some other purposes.