XURA NETWORK SECURITY SURVEY WEBINAR

Agenda
How secure are mobile networks?
How aware of the risks are consumers?
What do consumers worry about?
How do consumers protect themselves?
What role does the network operator have?
What are operators doing to improve security?

Audience Participation Q1
iPhone users vs Android users – which group places themselves at more risk of mobile-related cybercrime?
iPhone users
Android-based phone users
In-fill question: This webinar is going to talk about security weaknesses in the telecoms network rather than compare security of different handset operating systems, but does the type of handset make any difference to how exposed consumers are to network vulnerabilities?

Audience Participation Q2
To what extent are you aware that SS7 networks are vulnerable to hacking/abuse?
What’s SS7?
Not at all aware
Somewhat aware
Aware and familiar with some of the details
Very aware and familiar with most of the details
Expert knowledge of the issue
I disagree: SS7 is totally secure
In-fill question: I know we're going to avoid the technical detail of SS7 during this webinar, but for those that want more technical information, where can they find it?
Audience Participation Q2 Results
To what extent are you aware that SS7 networks are vulnerable to hacking/abuse?
RESULTS

What is SS7, and why is it important?
Authentication
Mobility
Charging
Policy
Personalization
Calls and messaging with subscribers on other networks
Roaming
Call control and messaging
It’s what makes the network work
Carries the mission-critical, real-time data between network elements:
Subscriber identity
Subscriber device type
Connection types and status
Subscriber location
Address of control elements
Address of charging elements
Usage policy settings
Subscriber service settings
Other Networks

How do hackers get access to SS7?
Generally
Outside the network
Hubs (including GRX and IPX)
Other Networks
SIGTRAN replaced physical TDM links
Interconnection to other networks
Interconnection via hubs
Network elements including VAS systems, SMSC, IN etc.
External connectivity from other networks and hubs via STPs, Signaling Gateways and Media Gateways
Signalling connection to 3rd parties
Signaling connections and signaling end-point addresses leased to 3rd parties
3rd Parties
Inside the network
Network elements require signalling access

What can hackers do via insecure SS7?

Subscriber privacy is lost:
Location can be determined
Calls can be blocked, diverted and intercepted
Messages can be blocked, diverted, intercepted and manipulated

Subscriber identity may be abused:
Secure access codes received by SMS can be stolen

Network operation is at risk:
Denial of service (DoS) attacks

Operator is exposed to fraud:
Bypass of prepaid billing & roaming fraud

Subscriber is exposed to fraud:
Fraudulent enrolment to premium-rate messaging services
Fraudulent call diverts to premium-rate numbers
USSD commands may be used to transfer balance between subscriber accounts

Revenue Loss & Fraud:
Billing may be bypassed
Revenue lost from blocked calls

Reputation & Churn:
Poor service quality
Fraud
Security breaches

Compliance & Liabilities:
SLA failure penalties
Lawsuits
Regulator fines

The vulnerabilities are real. SS7 abuse is happening.
More than 350 network deployments worldwide
Serving more than 3 billion end-points
Providing network security solutions for more than 10 years
100% of networks tested have vulnerabilities
SS7 exploits detected:
Roaming Fraud $$
Pre-Paid Charging Bypass Fraud $$$
Location Tracking
Call Interception

Audience Participation Q3
The following exploits have been associated with the vulnerabilities in SS7. Which do you think pose the biggest threat to network operators? (Pick up to 3)
Monitoring subscriber service usage and communications
Tapping, interception or re-routing of voice calls
Tapping, interception, re-routing or manipulation of messaging
Use of subscribers' identities to gain fraudulent access to telecom services
Denial-of-service attack impacting general service availability
Denial-of-service attack on targeted subscribers
Bypass of operator charging and billing functions
Subscriber location tracking
In-fill question: It seems that one of the root causes is that operators lease SS7 connections to third parties that can't be trusted. Why do they do that?

Audience Participation Q4
As a result of SS7 attacks, which of the following possible effects would be likely to cause the most significant pain for mobile network operators? (Pick up to 3)
Increased churn
Litigation from subscribers
Litigation from enterprise customers
Additional legal or regulatory requirements
Fines imposed by regulators
Loss of preferred roaming partner status
Increased losses to fraud
Loss of operating service revenues
Devaluation of company stock/shares
In-fill question: What's motivating people to hack mobile networks and subscribers?

Mobile networks are not secure
How aware of the risks are consumers?
What do consumers worry about?
How do consumers protect themselves?
What role does the network operator have?
What are operators doing to improve security?

SS7 vulnerabilities have been publicized in consumer media
German researchers discover a flaw that could let anyone listen to your cell calls.
Phone network hack means anyone can listen in on any mobile call
Cellular Privacy SS7 Security Shattered at 31C3
September 2015: “Hackers exploit SS7 vulnerability to spy on Australian senator: report”
December 2014: Annual Chaos Communication Congress event held in Hamburg …
April 2016: “Sharyn Alfonsi reports on how mobile phone networks are vulnerable.”
Xura Research Project
To understand subscribers’ perceptions and attitudes to the risks and consequences of mobile phone use and ‘attacks’ via SS7

Respondent Demographics
Total: 1667 (537, 535, 595)
MALE / FEMALE: 45% / 55%; 45% / 55%; 48% / 52%
PREPAID / MONTHLY: 26% / 74%; 26% / 74%; 16% / 84%
Age: 22% 18-30 yrs; 36% 31-50 yrs; 42% 51+
Survey conducted in Quarter 3 2016

Awareness of the problem and risks is low amongst consumers – and somewhat confused
Are you aware (or have you heard) of any security weakness in mobile phone networks that could make it possible for "hackers" to perform acts like those described below?
Make fraudulent calls to "premium rate" numbers at the subscriber's expense
Register subscribers to "premium rate" messaging services
Track the location of the phone
Listen in to and record phone calls
Intercept and possibly modify SMS text messages
Prevent the subscriber from making calls, sending SMS texts or getting a data connection from your mobile
30% YES
Aus: 28%
UK: 32%
US: 29%
21% of those (6% of total) indicated specific awareness of SS7 related vulnerability. Other root causes given included:
OS vulnerabilities – 9%
App vulnerabilities – 6%
Operator data leaks – 3%
Vulnerabilities in Bluetooth, the Air Interface and WiFi were also mentioned, as well as voicemail hacking.
I have heard about journalists using hackers to listen on celebrities' conversations, and record them to get news.
http://www.cbsnews.com/news/60-minutes-hacking-your-phone/

Mobile networks are not secure
Consumers do not understand the risks
What do consumers worry about?
How do consumers protect themselves?
What role does the network operator have?
What are operators doing to improve security?

Audience Participation Q3 Results
The following exploits have been associated with the vulnerabilities in SS7. Which do you think pose the biggest threat to network operators?
RESULTS

Which "hacks" do you feel are most likely to happen to you?
If it was possible for "hackers" to hack your mobile network provider and do the things described above, which "hacks" do you feel are most likely to happen to you? (Select up to 3)
Approx. 40%
45% Fraudulent calls made at the subscriber's expense
38% Fraudulent registration for premium SMS services
40% Location tracking
UK subscribers (58%) feel significantly more at risk of becoming victims of fraudulent calls being made at their expense, or being fraudulently registered for premium rate SMS services. Location tracking is a bigger concern for US citizens (46%).
18-30 year olds (53%) feel significantly more at risk of becoming victims of location tracking. Fraudulent calls are a bigger concern for the over 50’s (50%).
[Chart: share of respondents selecting each "hack" (Fraudulent Calls, SMS Subscriptions, Location Tracking, Call Interception, SMS Interception, Denial of Service) by group: ALL, Aus, UK, US, Female, Male, 18-30, 31-50, 51+]

How severely do you feel you would be affected if these "hacks" happened to you?
52% Severely or Badly affected
US subscribers generally feel they would be less badly affected than their UK and Australian counterparts, except for Denial of Service attacks.
The over 50’s are more concerned about the impact of fraudulent calls, while 18-30 year olds are more troubled by location tracking and call and SMS interception.
Gender plays a big role with males expecting to be significantly less badly affected than females across all types of threat.
[Chart: severity of impact by "hack" (Fraudulent Calls, SMS Subscriptions, Location Tracking, Call Interception, SMS Interception, Denial of Service) for All, Aus, UK and US; data labels shown: 52%, 37%, 36%, 39%, 58%]

Mobile networks are not secure
Consumers do not understand the risks
Consumers are worried about fraud
How do consumers protect themselves?
What role does the network operator have?
What are operators doing to improve security?

What rules do you use to decide whether to grant “apps” permission to access other features or data on your phone?
22% NONE
Males are marginally more likely to simply accept permissions than females (24% vs 21%) but are almost twice as likely to apply strict rules (11% vs 6%).
Those aged under 30 are more than twice as likely to simply accept permissions than those aged over 50 (32% vs 15%). The application of Strict Rules doesn’t vary with age.
[Chart: share of respondents applying None, Ad hoc rules or Strict rules, for Aus, UK, US and ALL]

How often do you check your balance/bill to verify you have been correctly charged?
32% NEVER
Highest ARPU subscribers (top 20%) are only slightly more likely to check their bills. 56% check monthly or more frequently compared with average of 51%.
Males and females are equally likely to check their bills every month. UK Females marginally less so (43%) than UK Males (49%).
When someone else pays the bill 52% of phone users will never check they have been correctly charged.
Those aged between 31 and 50 are least likely to check their bills monthly. Overall variance is small, ranging from 44% to 55%.
[Chart: how often bills are checked ("Monthly or more", "A few times per year", "Never") for All, Pay Monthly and Prepay subscribers in each of ALL, Aus, UK and US]
Audience Participation Q1 Results
iPhone users vs Android users – which group places themselves at more risk of mobile-related cybercrime?
RESULTS

iOS
54% more likely to never check their bill than Android device users
more than 2x apply no rules when granting App permissions.

Mobile networks are not secure
Consumers do not understand the risks
Consumers are worried about fraud
They don’t protect themselves
What role does the network operator have?
What are operators doing to improve security?

Audience Participation Q4 Results
As a result of SS7 attacks, which of the following possible effects would be likely to cause the most significant pain for mobile network operators?
RESULTS

How well does your mobile network provider currently protect you from "hackers"?
61% Moderately or better
UK subscribers feel marginally less protected by the network operator than their Australian and US counterparts. This is most noticeable in relation to SMS Interception.
[Chart: perceived protection (Not at all protected, Slightly protected, Moderately protected, Well protected, Completely protected) for each "hack": Fraudulent Calls, SMS Subscriptions, Location Tracking, Call Interception, SMS Interception, Denial of Service]

If you became aware that you had been a victim of these "hacks", what action(s) would you most likely take?
1 in 3 would inform the telecom regulator – Australians more so (45%) than Americans (24%) who are more likely than average to share the incident via social media.
Half (49%) would seek compensation from their mobile network provider. In the UK, this figure rises to 54%. Younger generations are more likely to follow this course of action than the over 50’s.
29% would change their provider either immediately (22%) or at the next renewal date (7%). The young are more likely to change providers than the old.

Action: share of respondents
Do nothing: 2%
Switch to using 'Apps' to make calls and send messages more securely: 8%
Change my mobile network provider at the next renewal date: 6.8%
Change my mobile network provider as soon as possible: 22.3%
Change my mobile network provider: 29.2%
Seek financial compensation from my mobile network provider: 48.6%
Get a new mobile number, but stay with my current mobile network provider: 23.9%
Report the story on social media (e.g. via twitter or facebook) or via the press: 14.4%
Inform my national telecoms regulator: 32.9%
Inform the police: 53.9%

Mobile networks are not secure
Consumers do not understand the risks
Consumers are worried about cybercrime
They don’t protect themselves
They hold network operators responsible
What are operators doing to improve security?

We’re working with operators in every continent to improve security
Fraud and Security Groups
Security Recommendations
Network Operators
Security Providers
XURA
Audit Network Vulnerability
Monitor Threat Activity
Security Solutions
Xura SS7 Firewall

Solutions for the next signaling security challenge
2G, 3G: SS7
4G and beyond: DIAMETER