SS7 Security Audit
Is a sanity check of the Global Title analysis in the gateway nodes. Not only does Roaming Audit check if Network Node GT Ranges are missing, causing disruption to the normal roaming services. We also check if unwanted GT Ranges are allowed through your SS7 filters which exposes your network to various SS7 exploits and hacking.
SS7 Filtering and blocking ensures only legitimate roaming partners
can signal with your core nodes
SS7 Threats & Vulnerabilities
Real Roaming Partner Signaling
Operator STP or Gateway Node
The problem with SS7
If it wasn’t for roaming SS7 security wouldn’t be such topic in today’s world. The SS7 protocol is more than 30 years old and didn’t have security and todays interconnected world in mind.
These vulnerabilities are especially amplified in situations where operators and users employ SS7 in two-factor authentication processes via mobile phones. Although this login method offers many cybersecurity guarantees, it is far from perfect. Here, the vulnerability becomes more evident when the user receives an SMS with a code to carry out a certain operation.
Two-factor authentication is only one of many vulnerabilities, but one that is easy to relate to and where the damage is easy to see. Espionage and subscriber tracking happens every day without anybody realizing it. Denial of service for individual subscribers also goes unnoticed where as denial of service for complete nodes is very visible and very costly for operators.
Part of the solution
Majority of these exploits and vulnerabilities can be avoided by keeping an updated and tight SS7 filter in the gateway nodes. It won’t keep everything out, but it is an efficient and cheap way of securing the network from a great deal of unwanted and malicious signaling. The biggest challenge is keeping up with the everchanging network topologies of roaming partners. Network Node Global Title ranges are added and removed on a daily/weekly basis
How the SS7 Security Works
The Roaming Audit digit analysis engine first checks that legitimate roaming partners can pass through the SS7 filter. Any issues will be visualized so they can be corrected to ensure roaming workability.
If too broad ranges are found then the tool helps define the correct configurations which allows roaming partners through the filter and blocks out the rest.