Positive Technologies Telecom Attack Discovery updated to fight the latest threats

PT TAD  detects all known Diameter and SS7 protocols attacks and delivers targeted signaling protection

Fundamental flaws in signaling protocols used within telecoms infrastructure around the world are leaving operators and subscribers open to attack. Despite the fact that operators have spent billions on upgrading from the initial protocol (SS7) to the modern version (Diameter), research by Positive Technologies has repeatedly shown that exploits are possible in all networks.

Earlier this year, a Positive Technologies report showed that all Diameter networks tested by the company contain critical vulnerabilities that allow intruders to track customer location and cause denial of service. In addition, one in three 4G networks is at risk of signaling fraud attacks on operators, enabling cyber attackers to use mobile services for free and potentially sell access to third parties while telecoms customer profile information could have been stolen in 83 percent of tests. In a separate report into SS7, Positive Technologies found that in testing telecoms infrastructure nine out of ten attempted SMS interception attacks were successful. This is concerning as many networks continue to use SS7 to deliver SMSs, even when Diameter is present.

In order to mitigate these threats, Positive Technologies has updated its Telecom Attack Discovery (PT TAD) solution, which delivers targeted protection to SS7 and Diameter signaling networks. Combining rapid detection of all threat types with instant incident response, PT TAD can replace or work alongside existing signaling firewall. PT Telecom Attack Discovery prevents breaches of personal data, call and SMS interception, subscriber location tracking, signaling fraud, and denial of service attacks whether targeted at subscribers or the core network, and ensures faster incident investigation and protection that is more robust.

Critically, the latest version now includes full support of the Diameter protocol. A team of expert researchers and developers have analyzed all possible ways Diameter protocol vulnerabilities could be exploited and have created signatures to ensure mobile network operators are able to detect and prevent attacks using these vulnerabilities.

Jimmy Jones, Telecom Business Development Lead, Positive Technologies at Positive Technologies: “Despite years of warnings, there are still many vulnerabilities present in telecoms infrastructure and, while many might believe these issues had been resolved in Diameter, we have shown that isn’t the case. Network operators need to proactively protect their infrastructure and the most effective way of doing so is in real time. PT TAD allows signaling traffic to be analyzed in real time and information about security incidents to be addressed immediately for best protection possible, whether those networks are based on SS7 or Diameter.”

In addition to supporting the Diameter protocol, further updates made to PT TAD include:

  • Improved mechanism to block illegitimate and suspicious traffic and flexible rules of filtration for advanced users, as well as simple access lists for fast and effective implementation of security policies and GSMA FASG recommendations
  • Updates to the High-Risk Ranges List as reported to GSMA FASG by operators that have seen fraudulent traffic
  • An updated mechanism for profiling network elements by functional roles and statistical analysis of traffic
  • Improved functionality to ensure outputs are more user-friendly and more detailed information on attacks is offered

The latest version of PT TAD is available now. For further information and trial, please visit: https://www.ptsecurity.com/ww-en/products/telecom-attack-discovery/