UNDERSTANDING CORE TELECOM SECURITY

Similar documents
Worldwide attacks on SS7 network

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Digital Communications Exploring SS7 signaling fraud that threatens mobile network security and subscriber privacy

Mobile Devices Security: Evolving Threat Profile of Mobile Networks

4G Mobile Networks At Risk

WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK

Mobile Wireless Overview

SIGNALING SYSTEM 7 (SS7) SECURITY REPORT

An Oracle White Paper December The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks

Chapter 3: WLAN-GPRS Integration for Next-Generation Mobile Data Networks

Cisco Advanced Services for Network Security

Revenue Analytics for Long Term Evolution (LTE)

SECURITY TRENDS & VULNERABILITIES REVIEW 2015

LTE Overview October 6, 2011

Mobile Devices Security: Evolving Threat Profile of Mobile Networks

Securing the Interconnect Signaling Network Security

FIGHTING FRAUD ON 4G. Neutralising threats in the LTE ecosystem

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM

Information Security Services

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Global System for Mobile Communication Technology

PENTEST. Pentest Services. VoIP & Web.

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Security Services. 30 years of experience in IT business

Contents VULNERABILITIES OF MOBILE INTERNET (GPRS), 2014

Chapter 10 VoIP for the Non-All-IP Mobile Networks

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Cybersecurity and internal audit. August 15, 2014

Cybersecurity The role of Internal Audit

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

Mobile Office Security Requirements for the Mobile Office

Payment Card Industry Data Security Standard

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

How To Understand The Gsm And Mts Mobile Network Evolution

WEB APPLICATION VULNERABILITY STATISTICS (2013)

Security MWC Nokia Solutions and Networks. All rights reserved.

Enterprise Computing Solutions

trends in mobile malware and importance of network based user protection

Mobility and cellular networks

State of Texas. TEX-AN Next Generation. NNI Plan

Recommended IP Telephony Architecture

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Mobile network evolution A tutorial presentation

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

The GSM and GPRS network T /301

T.38 fax transmission over Internet Security FAQ

Alcatel-Lucent Services

Nokia Networks. security you can rely on

GSM services over wireless LAN

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

UMTS/GPRS system overview from an IP addressing perspective. David Kessens Jonne Soininen

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

20-CS X Network Security Spring, An Introduction To. Network Security. Week 1. January 7

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Chapter 1 The Principles of Auditing 1

Defending Against Data Beaches: Internal Controls for Cybersecurity

Mobile Communications

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Put into test the security of an environment and qualify its resistance to a certain level of attack.

SS7 & LTE Stack Attack

PHILADELPHIA GAS WORKS Information Security Assessment and Testing Services RFP#30198 Questions & Answers December 4, 2015

Securing Next Generation Mobile Networks

ICANWK406A Install, configure and test network security

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD Effective Date: April 7, 2005

Femtocells: A Poisonous Needle in the Operator s Hay Stack

Chapter 9 Firewalls and Intrusion Prevention Systems

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

SS7: Locate. Track. Manipulate.

Redhawk Network Security, LLC Layton Ave., Suite One, Bend, OR

Security Testing 4G (LTE) Networks 44con 6th September 2012 Martyn Ruks & Nils

The Importance of Cybersecurity Monitoring for Utilities

Performance Evaluation of VoIP Services using Different CODECs over a UMTS Network

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

1 Introduction. 2 Assumptions. Implementing roaming for OpenBTS

STAR-GATE TM. Annex: Intercepting Packet Data Compliance with CALEA and ETSI Delivery and Administration Standards.

whitepaper 4 Best Practices for Building PCI DSS Compliant Networks

Technical Testing. Network Testing DATA SHEET

DETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs?

Basics of Internet Security

Securing SIP Trunks APPLICATION NOTE.

IMT-2000 Network Architecture

Chapter 6 Wireless and Mobile Networks

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Cisco Security Optimization Service

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Payment Card Industry (PCI) Data Security Standard

Advanced SIP Series: SIP and 3GPP Operations

External Supplier Control Requirements

SIP Security Controllers. Product Overview

Advanced SIP Series: SIP and 3GPP

Transcription:

SOLUTION BRIEF -TELECOM UNDERSTANDING CORE TELECOM SECURITY If you think you re not affected, consider that a 2013 Congressional survey of more than 150 utility companies revealed more than a dozen utilities reported constant, daily, or frequent attempted cyber-attacks including phishing, malware infection and unfriendly probes, and at least one utility was the target of roughly 10,000 attempted cyber-attacks every month. (Source: Homeland Security News Wire) Positive Technologies recommends analyzing the whole core Telecom network, with all its interconnections and components, as the best approach to protecting it. Reliable communications are essential to a nation s health, safety, economy and way of life. To assure availability, telecom operators have historically guarded against service interruptions by considering natural disasters and accidental disturbances as part of their architectures and recovery strategies. But now, due to the convergence of traditional circuit switched networks with broadband and packet-based Protocol (IP) networks, it s imperative that operators consider additional security measures to protect themselves from deliberate and malicious disruptions and disasters resulting from cyber-attack. A common theme in most cyber-attacks is exploiting vulnerabilities and misconfigured system settings, but where should your network defense begin? Some think that focusing on the signaling network (SS7/SIGTRAN) is best, although doing so leaves your customer management, transmission, switching, access, mobile and intelligent networks open to a wide array of attacks that can be carried out by even novice hackers. Yes, SS7/SIGTRAN is important, but a partial approach that ignores other vulnerabilities leaves opportunities for hackers to break in.

SOLUTION BRIEF - TELECOM OSS Attacker IP backbone BTS/ Node B BSC/ RNC SGSN GGSN Figure 1: Connected systems are indirectly at risk Control Your Entire Core Forward thinking organizations understand that IT security cannot be effectively managed in isolation as separate segments or technologies, but rather it must be considered across all systems. Likewise, Positive Technologies recommends analyzing the whole core Telecom network, with all its interconnections and components, as the best approach to protecting it. Positive Technologies is a trusted provider of Vulnerability Management (VM), Application Security (AS) and Critical Infrastructure Protection (CIP) solutions to more than 1,000 global enterprise clients. We help you protect your core telecom network from cyber criminals and other bad actors. Positive Technologies performs an in-depth security assessment across all of your core network layers. We identify all of the cracks that a hacker could crawl through, create a real-world attack model that illustrates where your business is at risk and outline steps you should take to protect it. Core Network PDNs GeRAN, UTRAN, LTE, WiFi, WiMAX, PON, DSL etc. Circuit Switched Core Packet Switched Core SS7 IMS IP/MPLS Transport GRX Operation and Maintenance Billing CRM Remote Support IT network Figure 2: Typical mobile network topology

+Telecom SOLUTION BRIEF - TELECOM Our comprehensive approach to core network security for telecom providers includes: + Security Testing and Research on a range of telecom equipment from 3G/LTE modems and femto, pico and micro cells to HLR/ STP/VAS, including architecture analysis, fuzz testing and reverse engineering + Audit of IT and telecom networks for known and 0-day vulnerabilities and to assess security policies, processes and controls implemented + Radio Access Path Security Testing for mobile and wireless communications standards GSM, UMTS, LTE, WiMax and WiFi, including authentication, encryption, fraud calls, flash SMS, HLR call request tests and GSMA security testing + Penetration Tests to gauge resistance to network and data link layer attacks, execute traffic and log analysis, measure the effects of exploiting vulnerabilities and check the likelihood of unauthorized access + GPRS, IP & Packet Core Domain Security Audits and GTP Testing + SMS Service and Signaling Security: - USSD Service - Signaling Security Assessment (e.g., SS7, SIGTRAN, MAP, CAP, ISUP) and SS7 external information gathering - SS7/SIGTRAN Interconnection and Architecture Audits - Fraud Analysis + Operational Management, OAM Interface Security Testing + Core Network Services Provisioning Security: - Web/Vas/IN/ Femto, VoIP, etc. - Configuration Hardening Guides and Checklists developed for a wide range of core equipment Because malware and bad actors can spread between interconnected networks, Positive Technologies also examines and analyzes GRX, UTRAN, LTE, DSL and and IT network connections. Uncover Your Core Weaknesses The security specialists at Positive Technologies actively employ common and advanced attack techniques to provide a hacker s perspective on: Subscribers/From Subscribers/VAS/Backhaul: PON, FTTx, xdsl, WiFi and GPRS Circuit Switched Core Networks: HLR/AuC, VLR/MSC, STP and SMSC Packet Switched Core Networks: SGSN, GGSN and DNS Evolved Packet Core: PGW, HSS/PCRF and MME IMS, OSS, BSS, IP/MPLS and GRX/IPX

SOLUTION BRIEF - TELECOM PSTN/ ISDN 3G MSC HLR, AuC/EIR Gc SS7 D Gr GANC VLR Circuit Switched Network Gs 3G SGSN PHY Ga Ga GGSN GRX lu RNC lu lur CGF RNC OSS Node B Node B Node B Node B Femtocell Figure 3: Many attack vector options Our experts have demonstrated their deep and broad knowledge of core telecom security by successfully exposing hundreds of weaknesses including bypassing service charges, spoofing calls and SMS messages, unauthorized access to voicemail, call and user account interceptions, gaining access to OSS/BSS/HLR, compromising VAS/ Web/self-service portals, acquiring confidential data (IMSI, IMEI) and substituting the subscriber profile in VLR, just to name a few. Attacker as HLR Attacker as SCF 1 2 4 5 7 MSC VLR 6 3 SCF 8 A B Figure 4: Example attack sequence Gain Visibility Into Your Core Network Positive Technologies has extensive hands-on experience analyzing equipment from leading telecom suppliers such as Broadcom, Cisco, Ericsson, F5, Huawei, Juniper and NSN, across a wide range of systems including: BTS/NODEB/BSC/RNC MSS(VLR)/MGW/HLR(AuC)/SGSN/GGSN/STP(SS7) SMSC/MMSC/USSD Gateway VAS IVRs IP Core elements and transport (routers, switches, FWs, DNSs) GRX//Core Network Charging Elements enodeb/mme/s-gw/pdn-gw/p-gw/hss/ims

SOLUTION BRIEF - TELECOM Workstation Application Server Modem Routing/Switching Device Corporate Clients GTP BTS NodeB BSC/ RNC SGSN GGSN GRX MS DNS Figure 5: Visibility into actual systems on the network Our insights provide telecom clients with crucial intelligence and visibility to see where their core network is locked down, where it has holes and what must be done to resolve vulnerabilities. Translate Security Standards Into Action Security and data privacy standards provide high-level guidance, but that s it. They lack any technical details that explain what should be monitored and checked to ensure security and compliance. Positive Technologies allows you to turn high-level guidelines into operational security controls through our deep understanding of digital security standards including: ISO 27001:2005, ISO 27002, ISO 27011:2008 ITU-T X805, ITU-T X1051, ITU-T E408, ITU-T E409 3GPP 33-Series, 3GPP2 S.S0086, ENISA Guidelines, DoT TRAI Regulations and others Converge IT & Critical Infrastructure Protection To keep your communications network secure and online, you must proactively identify vulnerabilities and potential attack vectors, assess and prioritize threats, and remediate weaknesses. But doing this across only your core telecom systems will not keep you safe. IT and core networks face complementary security risks that cannot be effectively managed in isolation. Rather, they must be viewed together as part of a unified enterprise security strategy. Consequently, in addition to solutions for protecting your core telecom systems, Positive Technologies also provides powerful vulnerability management products and services aimed at traditional IT systems, including: External IP Networks Vulnerability Assessment and Penetration Testing (black-box methodology) Internal Network Vulnerability Assessment and Penetration Testing (white-box or gray-box methodology)

Application Security Assessment (corporate website, self-service and provisioning portals, VAS, etc. (black-box, white-box, or gray-box methodologies and tools for dynamic and static code analysis) Vulnerability Research, Application, OS, Networks, DB, ERP Systems Analysis and the development of Configuration Hardening Guides SOC External Perimeter Continuous Monitoring Services Security Assessment and Compliance Automation in MaxPatrol http://www.ptsecurity.com/what_we_do/maxpatrol/ Why Choose Positive Technologies? At Positive Technologies, our people are among the world s most advanced specialist researchers, renowned security experts and highly-skilled programmers. With one of the largest and most dynamic research facilities in the world, Positive Technologies carries out research, penetration testing and threat and vulnerability analysis on dozens of large-scale networks every year. As a result, we discover over 100 Core Telecom and IT 0-day vulnerabilities annually and have earned our reputation as one of the foremost authorities on Telecom Security anywhere. With our hands-on experience assessing real-world systems, our deep understanding of telecom security and our more than 150 researchers keeping you ahead of the bad guys, why wouldn t you choose Positive Technologies? About Positive Technologies Positive Technologies is a leading provider of vulnerability assessment, compliance management and threat analysis solutions to more than 1,000 global enterprise clients. Our solutions work seamlessly across your entire business: securing applications in development; assessing your network and application vulnerabilities; assuring compliance with regulatory requirements; and blocking real-time attacks. Our commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on SCADA, Banking, Telecom, Web Application and ERP security, and distinction as the #1 fastest growing Security and Vulnerability Management firm in 2012, as shown in an IDC report*. To learn more about Positive Technologies please visit www.ptsecurity.com. *Source: IDC Worldwide Security and Vulnerability Management 2013-2017 Forecast and 2012 Vendor Shares, doc #242465, August 2013. Based on year-over-year revenue growth in 2012 for vendors with revenues of $20M+. 2014 Positive Technologies. Positive Technologies and the Positive Technologies logo are trademarks or registered trademarks of Positive Technologies. All other trademarks mentioned herein are the property of their respective owners. TELECOM_SB_A4.ENG.0011.01.DEC.29.2014

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information