Page 14 - Technical report on SS7 vulnerabilities and mitigation measures for digital financial services transactions
5 THE COMMONALITY OF TELECOM ATTACKS

According to research conducted by ENISA,³ 39 electronic communication providers across the European Union (EU) were surveyed on the commonality and frequency of telecom attacks. More than 80% of the surveyed telecom operators in the EU responded that they have detected or encountered some attacks, and about 25% reported encountering a substantial number of attacks, as seen in the following chart. However, at this point, the low number of reported attacks can be attributed to the lack of detection mechanisms in place within the telecom operators, a fact shown in Figure 2.

According to the SIT workstream survey, over 70% of the telecom regulators and telecom operators surveyed do not know whether their networks are under telecom attacks.

The telecoms that detected attacks identified them in the categories shown below. Attacks directly associated with DFS fraud, such as spoofing, SMS interception, and subscriber fraud, account for a dominant percentage in the chart.

FIGURE 1: Frequency of telecom attacks in the EU (survey) [chart; categories: 0, less than 10, 10 to 100, more than 100]

FIGURE 2: Awareness to telecom attacks in the developing world (survey) [chart; answers: Yes, No, I don’t know; axis: 0% to 100%]

FIGURE 3: Types of telecom attacks in the EU (survey) [chart; categories: SMS spam, Spoofing, Routing attacks, Subscriber fraud, Text message interception, Denial of service, Location tracking, Subscriber or provider, Call interception; axis: 0% to 90%]

6 THE CHALLENGE

Protection of these two attack surfaces is considered to be exclusively in the cellular operators’ domain, i.e. if the operator implements measures to protect itself, all of the subscribers that use the network will be protected. However:

• Most cellular operators have not yet protected their networks against these attacks even though the GSMA and ITU (global telecommunication governing bodies) have issued guidelines on how to defend against such attacks.⁵

• Operators that did comply with these recommendations in most cases implemented the guidelines only partially, leaving part of the vulnerabilities in their networks.⁶

• Network operators cannot protect against most of the air interface vulnerabilities, even more so when the subscriber is roaming.

The challenge therefore remains: how can a DFS provider or client defend themselves from cellular attacks without relying on the mobile operators to solve this issue?