Security Management -> SS7 Security Audit
SS7 Security Audit
Is a sanity check of the Global Title analysis in the gateway nodes. Not only does Roaming Audit check if Network Node GT Ranges are missing, causing disruption to the normal roaming services. We also check if unwanted GT Ranges are allowed through your SS7 filters which exposes your network to various SS7 exploits and hacking.
Schedule a Demo
We are happy to schedule a demo and answer any questions you might have.
Features
- Take controll of the access to your SS7 Network
- Allow traffic only from your partners
- Restrict unwanted access, without consuming resources
- Protect your customers against sensible data access by 3rd parties
SS7 Attacks
SS7 Filtering and blocking ensures only legitimate roaming partners
can signal with your core nodes
SS7 Threats & Vulnerabilities
- Subscriber information disclosure
- Network information disclosure
- Subscriber traffic interception
- Fraud
- Denial of service
Real Roaming Partner Signaling
- SendRoutingInfo
- Network information disclosure
- UpdateLocation
- SendSMS
- ...
Output
Legitimate Roaming
Partner Signaling
Operator STP or Gateway Node
Allow
- - Roaming Partners
Block
- - Non-Roaming Partners
- • Hackers
- • HLR Lookup Service
- • Tracking Service
- • Nation States
The problem with SS7
If it wasn’t for roaming SS7 security wouldn’t be such topic in today’s world. The SS7 protocol is more than 30 years old and didn’t have security and todays interconnected world in mind.
These vulnerabilities are especially amplified in situations where operators and users employ SS7 in two-factor authentication processes via mobile phones. Although this login method offers many cybersecurity guarantees, it is far from perfect. Here, the vulnerability becomes more evident when the user receives an SMS with a code to carry out a certain operation.
Two-factor authentication is only one of many vulnerabilities, but one that is easy to relate to and where the damage is easy to see. Espionage and subscriber tracking happens every day without anybody realizing it. Denial of service for individual subscribers also goes unnoticed where as denial of service for complete nodes is very visible and very costly for operators.
Part of the solution
Majority of these exploits and vulnerabilities can be avoided by keeping an updated and tight SS7 filter in the gateway nodes. It won’t keep everything out, but it is an efficient and cheap way of securing the network from a great deal of unwanted and malicious signaling. The biggest challenge is keeping up with the everchanging network topologies of roaming partners. Network Node Global Title ranges are added and removed on a daily/weekly basis
How the SS7 Security Works
The Roaming Audit digit analysis engine first checks that legitimate roaming partners can pass through the SS7 filter. Any issues will be visualized so they can be corrected to ensure roaming workability.
If too broad ranges are found then the tool helps define the correct configurations which allows roaming partners through the filter and blocks out the rest.
Audit Features:
- Digit Length Analysis
- Full country length Analysis
- Non-Roaming Partner Analysis