Secure your core telecom network
When guarding against service interruptions, telecom operators have traditionally thought about natural disasters and accidental disturbances. But the convergence of traditional circuit-switched networks with broadband and packet-based Internet Protocol (IP) networks leaves telecoms open to a new threat: deliberate and malicious disruptions from cyberattacks.
Defending the signaling network (SS7/SIGTRAN) is a good place to start, but ignoring other vulnerabilities will leave hackers with plenty of other ways to break in. Even novice hackers can carry out attacks on customer management, transmission, switching, access, mobile, and intelligent networks to bypass service charges, create spoof calls and SMS messages, intercept email, and gain unauthorized access to voicemail and subscriber accounts.
So what do telecoms need? A more complete security strategy that protects their core network as an integrated whole.
Take a Comprehensive Security Approach
As your information security partner, Positive Technologies can perform an in-depth security assessment across all of your core network layers to identify every crack that a hacker could crawl through. With the insights gained from this comprehensive analysis, we create a practical attack model to illustrate where your business is at risk and outline the steps you should take to protect it.
Our industry-specific approach to core telecom network security includes:
- Security testing and research on a range of telecom equipment from 3G/LTE modems and femto, pico, and micro cells to HLR/STP/VAS, including architecture analysis, fuzz testing, and reverse engineering
- Auditing of IT and telecom networks for known and zero-day vulnerabilities and assessing implementation of security policies, processes, and controls
- Radio access network security testing for mobile and wireless communications standards: GSM, UMTS, LTE, WiMax, and WiFi, including authentication, encryption, and security checks
- (U)SIM card security checks for weak encryption algorithms, exposure of encryption keys and signatures, and Java application vulnerabilities
- Penetration testing to gauge resistance to network and data link layer attacks, analyzing traffic and logs, measuring the effects of exploiting vulnerabilities, and checking the likelihood of unauthorized access
- GPRS, IP, and packet core domain security audits; GTP testing
- Signaling security:
- USSD/SMS Service
- Signaling security assessment (including SS7, SIGTRAN, MAP, CAP, and ISUP) and SS7 external information gathering
- SS7/SIGTRAN interconnection and architecture audits
- Fraud analysis
- Operational management, OAM interface security testing
- Security of network services provisioning:
- Web/VAS/IN/Femto, VoIP
- Configuration hardening guides and checklists developed for a wide range of core equipment
Because malware and attacks can spread between interconnected networks, Positive Technologies also analyzes GRX, UTRAN, LTE, DSL, and Internet and IT network connections. These weaknesses can lead to a wide range of consequences, such as gaining access to OSS/BSS, compromising VAS/web/self-service portals, acquiring confidential data (IMSI, IKC) and substituting the subscriber profile in VLR/HRL—just to name a few.
Get a Hacker’s Perspective
Importantly, Positive Technologies gives you a hacker’s perspective by employing common and advanced attack techniques to uncover core network weaknesses on:
- Subscribers/From Subscribers/VAS/Backhaul: PON, FTTx, xDSL, WiFi, GPRS, and APN
- Circuit-Switched Core Networks: HLR/AuC, VLR/MSC, STP, and SMSC
- Packet-Switched Core Networks: SGSN, GGSN, and DNS
- Evolved Packet Core: PGW, HSS/PCRF, and MME
- IMS, OSS, BSS, IP/MPLS, and GRX/IPX
The convergence of traditional and new technologies opens up telecoms to deliberate and malicious disruptions from cyberattacks. The risks are high, so you need an infosec partner who knows telecom. You need Positive Technologies.