logo
allArticlesConferencesPresentations

Mobile Interconnect Threats: How Next-Gen Products May be Already Outdated

Conference:  BlackHat USA 2019

2019-08-08

Summary

Mobile Interconnect Threats: How Next-Gen Products May be Already Outdated is a conference presentation about vulnerabilities in SS7 networks and the potential risks for mobile network operators. The talk focuses on the security of new equipment being deployed to detect attacks and protect customers.
  • SS7 networks were initially designed without security protocols, making them vulnerable to attacks
  • Mobile network operators are deploying new equipment to detect and protect against attacks
  • The talk describes vulnerabilities discovered in SS7 firewall vendors and how to assess the security of such products
  • The speaker's employer is Orange, a European operator with many affiliates worldwide
  • The presentation includes a technical overview of the sequence stack and the different layers of the Sigtran stack
  • The speaker's team developed a tool called Pornss7 to modify and generate packets that can be processed by the sequence stack of the SS7 firewall
  • The talk includes a pseudocode example of how to bypass detection from the SS7 firewall at the IP level
The speaker shared a personal anecdote about his mobile SIM card from Orange, his operator in France, not working in the US because the US operator did not have the necessary secret to authenticate him. This highlights the need for interconnectivity between operators and the potential risks associated with it.

Abstract

"Walled garden" used to be the security principle backing SS7 networks. This is no longer the case, and some attackers may benefit from access to these networks to leverage mobile network functions: geolocation, access to subscriber's profile, interception of communications. Mobile network operators now deploy new equipments to detect attacks and protect their customers. These new equipments are expected to be robust against wild traffic and safe. We describe in this talk vulnerabilities we have discovered and what we look into when assessing security of such products.
Materials:
Slides
Tags:

Post a comment

Related work

Attacks From a New Front Door in 4G & 5G Mobile Networks

Conference:  Black Hat USA 2022
Authors:
2022-08-10

Graph Convolutional Network-Based Suspicious Communication Pair Estimation for Industrial Control Systems

Conference:  BlackHat EU 2020
Authors:
2020-12-09

Implementing Private 5G Networks For Enterprises With Kubernetes

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Christian Huebner, Amar Kapadia
2022-10-26

Whispers Among the Stars: Perpetrating (and Preventing) Satellite Eavesdropping Attacks

Conference:  Defcon 28
Authors:
2020-08-01

Cloud-Native Sandboxes for Microservices: Understanding New Threats and Attacks

Conference:  BlackHat EU 2018
Authors:
2018-12-06

5G IMSI Catchers Mirage

Conference:  BlackHat USA 2021
Authors:
2021-08-05