For decades, the SS7 telephony protocol has been embedded into our communications infrastructure. And its vulnerabilities mean many operators are at risk of security data breaches, even on 5G networks.
Location tracking, interception of voice and text messages, denial of service and fraud are all possible by exploiting security holes in the SS7 protocol. And these threats serve as a warning to the telecoms industry about what is at stake if these loopholes are not closed.
“The very purpose of SS7 was an intentional loophole for legitimate operators to manage the network but it has also become a window for hackers to exploit,” explained Federico Aureli, technical security specialist at Positive Technologies. “The SS7 protocol dates back to the 1970s, but firmly clings to 2G & 3G networks today. Despite mobile operators looking to shut down these networks in the coming years, GSMA reports that the number of 4G and 5G users is only now beginning to surpass that of 2G and 3G users.
“That means we won’t see the end of SS7 anytime soon. Their inherent architectural flaws mean criminals have access to text messages, phone calls, user location, all without the MNO or subscriber’s knowledge. Despite the industry turning its attention to new technologies such as 5G & IoT, it cannot turn a blind eye to the vulnerabilities which lurk beneath the surface. If not taken seriously, the past will come back to haunt mobile operators, stalling 5G migration efforts as the industry looks to the future.”
SS7 event details
Positive Technologies will be hosting its webinar, titled ‘SS7: The bad neighbor you’re stuck with during the 5G migration and far beyond’, on Thursday 6th August at 2pm.
Discussing the trending topics in SS7 security will be telecom experts Federico Aureli and Milan Brezina, from Positive Technologies. Areas they will discuss include:
- Why will SS7 remain embedded in networks even in the era of 5G?
- Why mobile operators should take into account SS7 vulnerabilities?
- What SS7 protocol real-life fraud cases exist?
Please register by clicking here.