Security Management -> SS7 Security Audit

14 SS7 Security Audit

SS7 Security Audit

Is a sanity check of the Global Title analysis in the gateway nodes. Not only does Roaming Audit check if Network Node GT Ranges are missing, causing disruption to the normal roaming services. We also check if unwanted GT Ranges are allowed through your SS7 filters which exposes your network to various SS7 exploits and hacking.

footprint visualization

Features

13 SS7 Security Audit 2

SS7 Attacks

SS7 Filtering and blocking ensures only legitimate roaming partners
can signal with your core nodes

Asset 1@2x
Asset 2@2x

SS7 Threats & Vulnerabilities

Asset 2@2x

Real Roaming Partner Signaling

Output

Legitimate Roaming
Partner Signaling

Operator STP or Gateway Node

filter 1

Allow

Block

Asset 1@2x

The problem with SS7

If it wasn’t for roaming SS7 security wouldn’t be such topic in today’s world. The SS7 protocol is more than 30 years old and didn’t have security and todays interconnected world in mind.

These vulnerabilities are especially amplified in situations where operators and users employ SS7 in two-factor authentication processes via mobile phones. Although this login method offers many cybersecurity guarantees, it is far from perfect. Here, the vulnerability becomes more evident when the user receives an SMS with a code to carry out a certain operation.

Two-factor authentication is only one of many vulnerabilities, but one that is easy to relate to and where the damage is easy to see. Espionage and subscriber tracking happens every day without anybody realizing it. Denial of service for individual subscribers also goes unnoticed where as denial of service for complete nodes is very visible and very costly for operators.

Part of the solution

Majority of these exploits and vulnerabilities can be avoided by keeping an updated and tight SS7 filter in the gateway nodes. It won’t keep everything out, but it is an efficient and cheap way of securing the network from a great deal of unwanted and malicious signaling. The biggest challenge is keeping up with the everchanging network topologies of roaming partners. Network Node Global Title ranges are added and removed on a daily/weekly basis

filter 1

How the SS7 Security Works

The Roaming Audit digit analysis engine first checks that legitimate roaming partners can pass through the SS7 filter. Any issues will be visualized so they can be corrected to ensure roaming workability.

If too broad ranges are found then the tool helps define the correct configurations which allows roaming partners through the filter and blocks out the rest.

Audit Features: