Mobile phones and communications have become ubiquitous in the 21st century and it is being powered by a global network of interconnected carrier networks. This allows users from anywhere to communicate with almost anyone from anywhere else but also presents security and privacy concerns of global scale.
The problem lies mostly in the word interconnected. Even if the victim is connected to a network well maintained by trusted operator the attacker might initiate the attack by exploiting haphazardly set up network from another side of the globe.
Standard Protocols Are Good, Right?
The two protocols used for interconnections are SS7 and Diameter. SS7 has its origins in the 70’s when there were only a few trusted operators. As such when it comes to security it has more holes than a slice of swiss cheese. Diameter on the other hand is a much newer protocol designed to replace SS7 on the LTE era of mobile communications. Even though it is a huge improvement it is still vulnerable to many of the same attacks. On top of that not all operators have made the switch and not all of those who have made it have implemented Diameter according to all security recommendations.
According to research made by Positive Technologies old attacks like tracking users location or interception of users’ SMS messages are very much possible in the Diameter era. Responsible operators may go to great lengths to secure their own networks but can not do much if an attacker (for example hacker, foreign government or spy agency) has compromised network belonging to another operator in another country.
Identifying Unknown Threats Using AI
As these attacks are carried out using regular protocol messages they are very hard to identify manually. CAP has been developing AI that helps operators to secure their networks from both interconnection and interconnection related threats by monitoring the interconnection communications and alerting operators about out-of-place activities targeting their networks.
We’ll be discussing some of the technologies related to this field in forthcoming posts.