2016 has seen a lot of media attention towards SS7-based vulnerabilities that exist in worldwide mobile networks. These vulnerabilities allow attackers, including bad actors and foreign intelligence agencies, to accurately geo-locate nearly any mobile phone, intercept text messages, record phone conversations and much more.
Pushed by regulators and public attention, most mobile network operators around the world are now aware of this issue, and looking at ways to re-mediate the vulnerabilities and secure their networks. This often requires the deployment of specialized SS7 firewall appliances, to thwart the more complex attacks classified by GSMA (the GSM Association of mobile network operators) as Category 2 and Category 3 vulnerabilities.
But how can a mobile network operator ensure that the SS7 firewall appliance it chooses to deploy will effectively protect against all known SS7 vulnerabilities, now and in the future? Short of thoroughly testing the various appliances during an RFP process, which requires specialized equipment and know-how, this is a difficult task … until now!
The Telecom Defense Limited Company’s world first SS7 firewall certification is the solution to effectively screen vendors of SS7 firewall appliances.
To receive the certification, firewall vendors undergo a real life remote SS7 vulnerability test, which probes for vulnerabilities from all 3 GSMA vulnerability categories over the international roaming SS7 connection in a live mobile network protected by the appliance, replicating the conditions under which a real attacker would operate.
The certification is awarded to SS7 firewall appliances that successfully protect against well known vulnerabilities from all three GSMA-defined vulnerability categories, including when advanced obfuscation techniques such as SCCP spoofing are used.
The first certified SS7 firewall appliance is that of jtendo, a polish vendor of value added mobile network nodes. Other firewall appliance vendors are undergoing certification at the moment, and will be announced in the near future on the company’s website at http://www.telecomdefense.com.
“We are very proud to be the first SS7 firewall appliance to receive the Telecom Defense SS7 firewall certification”, said Piotr Szymanski, Director of jtendo. “The certificate confirms that our firewall product meets or exceeds all GSMA Fraud and Security Group guidelines as described in FS.11”.
“Certifications exist for many IT products, but for SS7 firewall appliances, which often require large capital investments on the part of mobile operators, there was no way to know if a product will successfully thwart off attackers until after it was deployed.”, said Jean Gottschalk, Principal Consultant and Founder of The Telecom Defense Limited Company. “The Telecom Defense SS7 firewall certification comes in response to our customers’ need to streamline their RFP process when selecting an SS7 firewall appliance.”
SS7 firewall vendors interested in applying for the certification should contact The Telecom Defense Limited Company, to have their product tested in a live deployment.