While 2016 has seen a lot of attention from telecom regulators on the subject of SS7-based vulnerabilities, and some mobile operators have begun securing their networks, the vast majority of worldwide mobile networks remain vulnerable to SS7-based attacks against their subscribers. Using the SS7 network, an attacker can accurately geo-locate mobile phone, intercept text messages, record phone conversations and much more on unprotected mobile networks.

The Telecom Defense Limited Company’s SS7 intelligence report, updated monthly and sold via annual subscription, provides a mobile operator or regulator with valuable information regarding the identity of currently active attackers on the SS7 network, new attackers, volumes of attacks and trends, origins, types and signatures of attacks.

The reports are produced using anonymized SS7 metadata provided by various partner mobile operators around the world, which creates a representative and realistic picture of the worldwide threat landscape and its trends month after month.

The monthly report contains:

• Current list of GTs originating malicious SS7 traffic
• Correlation between attacking GTs and patterns
• Types of attacks per GT
• Activity patterns
• OSINT information on the originating networks to help determine possible attribution
• Volume of activity and trends

A similar report for the Diameter-based threat landscape is currently under development, and will be made available to customers in the near future.