Weaponizing Mobile Infrastructure: Are Politically Motivated Cyber Attacks a Threat to Democracy?

The talk is mainly driven by the cyber intelligence gathered in response to political shifts in the region. The core focus of the talk is to bring awareness, and reveal actionable intelligence to a larger set of audience, specifically operators to take solid measures to ensure they have cyber resilience when it comes to handling these nation-state attacks during conflicts. As the theme of the talk is cyber-attacks during conflicts, we will share a glimpse of intelligence that was captured during the US forces' withdrawal from Afghanistan. We will discuss the timeline of the US withdrawal and how these activities were directly reflected and seen on the global signalization. We will also share our intelligence gathered around the Russian and Ukraine conflict and how mobile networks were weaponized to inflict cyber war with a primary focus on nation-state activity led by Russian sources/identity holding various objectives (i.e hostile registration, location tracking and surveillance, SMS hijack, account takeover performing identity impersonation, identity spoofing via SS7 on link level and upper layers, and zero-day exploit techniques used in an attempt to bypass security control). These activities were supported by fuzzing looking to evade security defenses. Redacted network capture would be used to demonstrate the attack methodology. We will also walk through and provide evidence of how zero-day exploits on the global Signaling are incurring financial losses for mobile operators. The talk brings a unique perspective for mobile network operators on how revisiting their efforts in building a concrete cyber resilience security strategy can prevent operators from financial and reputational losses and prepare them for hybrid war.Please note that this will be a remote (virtual) presentation.