Fractured Backbones Incidents Detection and Forensics in Telco Networks
|
|
- Violet Holly Daniel
- 6 years ago
- Views:
Transcription
1 Dmitry Kurbatov Sergey Puzankov Vladimir Kropotov Fractured Backbones Incidents Detection and Forensics in Telco Networks ptsecurity.com
2 About us Joint research of Incident Response and Telco Security Teams
3 Introduction
4 Technologies behind telco networks Чем мы пользуемся сегодня и на основе каких технологий это работает
5 Types of Incidents Subscriber location tracking Call interception (wiretapping) SMS interception and spoofing DoS, including balance DoS Other Fraudulent activities Phone number GPS location
6 Incidents statistics. Major threats Service Disruption Data Leakage Fraud Percentage of vulnerable networks
7 Incidents statistics. Data leakage Subscriber s Balance Disclosure Subscriber s Data Leakage Terminating SMS Interception Subscriber Location Discovery Voice Call Interception Percentage of vulnerable networks
8 Incidents statistics. Fraud Terminating Call Redirection Money Transfer via USSD Subscriber Profile Change Originating Call Redirection Percentage of vulnerable networks
9 Incident victims Mobile operator subscribers Mobile operator Other Mobile operators and their subscribers Third parties (often Banks and Their clients)
10 Prerequisites of attacks Internal intruder or Staff initiated attacks Level0 (almost) Kiddies - attacks that not require deep technical knowledge SMS fraud as preliminary stage of malware based attacks Fraud with social engineering (direct target is victim) Proxified fraud with social engineering Level1(Locally initiated) - attacks that require technical knowledge about Radio Access Network protocols IMSI Catcher Bluetooth Calls and SMS from the subscriber located nearby Level2 (Global impact) - attacks that require technical knowledge about telco infrastructure and protocols
11 Lightweight scenarios (Level0)
12 Kiddies fraud examples Typosquatting works well even here You received RUB, please follow the link for confirmation Purchase. Card *1234. Ammount 600 RUB. Drugstore 2000 Available balance RUB Not legit Legit
13 Central bank not only in s... Mature player and kiddies used the same brand name /Cental Bank of Russian Federation/ Your banking cards accounts was suspended! Info: /56e97c089a794797e5b8e6b3
14 Social engineering telco staff Temporary redirect calls and SMS to another number Own victim , social networks accounts, messengers and in some cases Money (Banking OTP TBD) Fast WIN
15 Cases (Level1)
16 SMS interception
17 Voice call interception Originating call Terminating call
18 Voice call interception. MitM
19 Level2 Cases (global impact)
20 Telco infrastructure, technical view
21 Telco infrastructure, technical view
22 Telco infrastructure, technical view
23 Telco infrastructure, technical view
24 IMSI Disclosure
25 Money fraud cases Infect smartphone with malware. Use fake base station (IMSI catcher) and to make software clone of SIM card. Conduct an attack via SS7 network forging USSD request.
26 USSD manipulation Request the balance *100#. Balance is Roubles
27 USSD manipulation *145*xxxxxx81142*10# - Transfer 10 Roubles to the number xxxxxx81142
28 USSD manipulation Cool security mechanism. Just send *145*851# to confirm the transaction
29 USSD manipulation New balance is Roubles. (10 Roubles ~ 0.15 )
30 Calls or SMS on behalf particular person located anywhere SMS spoofing
31 More sophisticated attacks
32 Example
33
34 Voice call redirection with a fraudulent activity Fraud case 1
35 Voice call redirection with a fraudulent activity HLR Billing GMSC Number Zimbabwe IMSI
36 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS Zimbabwe Number IMSI
37 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS IAM (A-Number, B-Number) Zimbabwe Number IMSI
38 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) Zimbabwe Number IMSI
39 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) Zimbabwe Number IMSI
40 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) SendRoutingInfo (CFU, ) Zimbabwe Number IMSI
41 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) SendRoutingInfo (CFU, ) InitialDP (B-Number, ) ApplyCharging, Continue Zimbabwe Number IMSI
42 Voice call redirection with a fraudulent activity RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) SendRoutingInfo (CFU, ) InitialDP (B-Number, ) ApplyCharging, Continue Cuba IAM (A-Number, ) Zimbabwe Number IMSI
43 Who pays? RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) SendRoutingInfo (CFU, ) InitialDP (B-Number, ) ApplyCharging, Continue Cuba IAM (A-Number, ) Zimbabwe Number IMSI
44 Who pays? RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) SendRoutingInfo (CFU, ) InitialDP (B-Number, ) ApplyCharging, Continue Cuba IAM (A-Number, ) Zimbabwe Number IMSI
45 Who pays? RegisterSS (IMSI, CFU, ) HLR Billing GMSC RegisterSS SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) SendRoutingInfo (CFU, ) InitialDP (B-Number, ) ApplyCharging, Continue Cuba IAM (A-Number, ) Zimbabwe Number IMSI
46 Voice call redirection with a fraudulent activity Fraud case 2
47 Voice call redirection with a fraudulent activity HLR Billing GMSC Number Zimbabwe IMSI
48 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) Zimbabwe Number IMSI
49 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) IAM (A-Number, B-Number) Zimbabwe Number IMSI
50 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) Zimbabwe Number IMSI
51 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) Zimbabwe Number IMSI
52 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) Zimbabwe Number IMSI
53 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) IAM (A-Number, B-Number) Zimbabwe Number IMSI
54 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) Zimbabwe Number IMSI
55 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue Zimbabwe Number IMSI
56 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) Zimbabwe Number IMSI
57 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) Zimbabwe Number IMSI
58 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) Zimbabwe Number IMSI
59 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) ProvideRoamingNumber (MSRN = ) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) Zimbabwe Number IMSI
60 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) ProvideRoamingNumber (MSRN = ) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) SendRoutingInfo (MSRN = ) Zimbabwe Number IMSI
61 Voice call redirection with a fraudulent activity UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) ProvideRoamingNumber (MSRN = ) SendRoutingInfo (MSRN = ) Cuba IAM (A-Number, ) Number Zimbabwe IMSI
62 Who pays? UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) ProvideRoamingNumber (MSRN = ) SendRoutingInfo (MSRN = ) Cuba IAM (A-Number, ) Number Zimbabwe IMSI
63 Who pays? UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) ProvideRoamingNumber (MSRN = ) SendRoutingInfo (MSRN = ) Cuba IAM (A-Number, ) Number Zimbabwe IMSI
64 Who pays? UpdateLocation (IMSI, Fake MSC/VLR) HLR Billing GMSC InsertSubscriberData (Profile) ProvideSubscriberInfo (IMSI) ProvideSubscriberInfo (Location = Home) SendRoutingInfo (MSISDN) SendRoutingInfo (Location = Home) IAM (A-Number, B-Number) ProvideRoaminNumber (IMSI) InitialDP (A-Num, B-Num, Location) ApplyCharging, Continue SendRoutingInfo (MSISDN) ProvideRoamingNumber (MSRN = ) SendRoutingInfo (MSRN = ) Cuba IAM (A-Number, ) Number Zimbabwe IMSI
65 Thank you! ptsecurity.com
Trojans in SS7 - how they bypass all security measures
Sergey Puzankov Trojans in SS7 - how they bypass all security measures ptsecurity.com SS7 in the 20 th century SCP STP STP SSP SCP SSP STP PSTN STP SSP SS7 (Signaling System #7): a set of telephony protocols
More informationMobile operators vs. Hackers: new security measures for new bypassing techniques
Sergey Puzankov Mobile operators vs. Hackers: new security measures for new bypassing techniques ptsecurity.com SS7 in the 20 th century SCP STP STP SSP SCP SSP STP PSTN STP SSP SS7 Signaling System #7,
More informationPRIMARY SECURITY THREATS FOR SS7 CELLULAR NETWORKS
PRIMARY SECURITY THREATS FOR SS7 CELLULAR NETWORKS PRIMARY SECURITY THREATS FOR SS7 CELLULAR NETWORKS Contents Introduction...3 1. Research Methodology...4 2. Summary...5 3. Participant Profile...5 4.
More informationInterworking Internet Telephony and Wireless
Interworking Internet Telephony and Wireless Telecommunications Networks Bell Laboratories & Columbia University lennox@{bell-labs.com,cs.columbia.edu} Kazutaka Murakami, Mehmet Karaul, Thomas F. La Porta
More informationPositive Technologies Telecom Attack Discovery DATA SHEET
Positive Technologies Telecom Attack Discovery DATA SHEET PT TELECOM ATTACK DISCOVERY DATA SHEET CELLULAR NETWORK SECURITY COMPLICATIONS As is shown in the network analysis performed by Positive Technologies
More informationThree kinds of number portability
Number Portability Three kinds of number portability Location portability: a subscriber may move from one location to another location without changing his or her telephone number Service portability:
More informationEffective SS7 protection ITU Workshop on SS7 Security, June 29 th 2016
Effective SS7 protection ITU Workshop on SS7 Security, June 29 th 2016 Luca Melette SRLabs Template v12 Motivation: Operators and their users still vulnerable to SS7 attacks Agenda 3 attack
More informationExpress Monitoring 2019
Express Monitoring 2019 WHY CHOOSE PT EXPRESS MONITORING PT Express Monitoring provides a quick evaluation of the current signaling network protection level. This service helps to discover critical vulnerabilities
More informationTHREATS TO PACKET CORE SECURITY OF 4G NETWORK
07 CONTENTS Terms and abbreviations... : main components and protocols...4 Attack scenarios...5 What is necessary for a successful attack...5 Threats to EPC security...7. Fraud...7. Connection hijacking...8.
More informationHOLISTIC COMMUNICATIONS SECURITY
HOLISTIC COMMUNICATIONS SECURITY BLACK TIGER COUNTERING CYBER TERRORISM HOLISTIC COMMUNICATIONS SOLUTION LACSMI is leading vendor in telecommunications since 1992 promoting set of security solutions worldwide
More information10 Call Set-up. Objectives After this chapter the student will: be able to describe the activities in the network during a call set-up.
10 Call Set-up Objectives After this chapter the student will: be able to describe the activities in the network during a call set-up. 10.1 INTRODUCTION... 2 10.2 CALL TO MS (MT)... 3 10.3 CALL FROM MS
More informationStealthy SS7 Attacks
Stealthy SS7 Attacks Sergey Puzankov Positive Technologies, Russia E-mail: spuzankov@ptsecurity.com Received 8 September 2017; Accepted 10 October 2017 Abstract As we can see, most mobile operators defend
More informationMAP - Mobile Application Part
- Mobile Application Part Mobility Management in GSM GSM services Short Message Service CAMEL = IN+GSM integration Raimo Kantola/ k2001 Telecommunications Switching Technology I 17-1 Course scope - lecture
More informationKASPERSKY FRAUD PREVENTION FOR ENDPOINTS
KASPERSKY FRAUD PREVENTION FOR ENDPOINTS www.kaspersky.com KASPERSKY FRAUD PREVENTION 1. Ways of Attacking Online Banking The prime motive behind cybercrime is making money and today s sophisticated criminal
More informationCONTENTS. Subscriber denial of service...9 Causes of vulnerabilities Recommendations for protection Conclusion... 13
DIAMETER VULNERABILITIES EXPOSURE REPORT 2018 DIAMETER VULNERABILITIES EXPOSURE REPORT 2018 CONTENTS Introduction...3 Terms and definitions...3 Executive summary...4 Materials and methods...4 Client snapshot...5
More informationContents VULNERABILITIES OF MOBILE INTERNET (GPRS), 2014
VULNERABILITIES OF MOBILE INTERNET (GPRS) Dmitry Kurbatov Sergey Puzankov Pavel Novikov 2014 Contents 1. Introduction 2. Summary 3. Mobile network scheme 4. GTP protocol 5. Searching for mobile operator
More informationLET S TALK MONEY. Fahad Pervaiz. Sam Castle, Galen Weld, Franziska Roesner, Richard Anderson
LET S TALK MONEY Fahad Pervaiz Sam Castle, Galen Weld, Franziska Roesner, Richard Anderson Unbanked Population Branchless Banking Bank/Financial Institute Bank of America, Standard Chartered Bank Telecommunication
More informationCommunication Networks 2 Signaling 2 (Mobile)
Communication Networks 2 Signaling 2 (Mobile) Gusztáv Adamis BME TMIT 2017 GSM signaling Signaling of GSM is based on the ISDN signaling systems SS7/DSS1 But, because of mobility, roaming, radio access
More informationSECURITY TRENDS & VULNERABILITIES REVIEW FINANCIAL SYSTEMS
SECURITY TRENDS & VULNERABILITIES REVIEW FINANCIAL SYSTEMS 2017 CONTENTS Introduction...3 Executive summary...3 1. Research data...5 2. Protection flaws...6 2.1. Overall statistics...6 2.2. Comparison
More informationThreat patterns in GSM system. Basic threat patterns:
Threat patterns in GSM system Usage of mobile devices in business simpli es, speeds up and optimizes business processes. However, it is necessary to understand that the more complicated the device is the
More informationGSM Mobility Management
GSM Mobility Management Phone Lin Ph.D. Email: plin@csie.ntu.edu.tw 1 Outlines Introduction GSM Location Update Basic Call Origination and Termination Procedures Mobility Databases Failure Restoration
More informationWe Know Where You Are!
2016 8th International Conference on Cyber Conflict Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 2016 NATO CCD COE Publications, Tallinn Permission to make digital or hard copies of this publication
More informationHow to understand a pdf file invoice
How to understand a pdf file invoice.pdf files are used by Eseye to send invoices to customers. For help in finding an invoice, see: How to locate an invoice. The.pdf invoice is comprised of a front page
More informationCellular Mobile Systems and Services (TCOM1010) GSM Architecture
GSM Architecture 1 GSM NETWORK INFRASTRUCTURE...2 2 NETWORK SWITCHING SUBSYSTEM (NSS)...3 2.1 Home Location Register...4 2.2 Mobile Switching Center and Visitor Location Register...4 2.3 Authentication
More informationE N H A N C E D F R A U D D E T E C T I O N U S I N G S I G N A L I N G. W U G M a l a y s i a
E N H A N C E D F R A U D D E T E C T I O N U S I N G S I G N A L I N G W U G M a l a y s i a 2 0 1 7 CONTACTS NUNO PESTANA FRAUD PROFESSIONAL SERVICES MANAGER +351 939 651 481 nuno.pestana@wedotechnol
More informationJPCERT/CC Incident Handling Report [January 1, March 31, 2018]
JPCERT-IR-2018-01 Issued: 2018-04-12 JPCERT/CC Incident Handling Report [January 1, 2018 - March 31, 2018] 1. About the Incident Handling Report JPCERT Coordination Center (herein, JPCERT/CC) receives
More informationSecurity & Phishing
Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?
More informationTaking Over Telecom Networks
Taking Over Telecom Networks Hardik Mehta (@hardw00t) Loay Abdelrazek (@sigploit) Taking Over Telecom Networks - Hardik Mehta (@hardw00t) and Loay Abdelrazek (@sigploit) 1 Press Release: some highlights
More informationVulnerabilities in online banking applications
Vulnerabilities in online banking applications 2019 Contents Introduction... 2 Executive summary... 2 Trends... 2 Overall statistics... 3 Comparison of in-house and off-the-shelf applications... 6 Comparison
More information716 West Ave Austin, TX USA
Fundamentals of Computer and Internet Fraud GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION What Is Computer Crime?... 2 Computer Fraud
More informationRepresentative office in Russia: Representative office in Great Britain:
a British company that develops services in the field of telecommunications now offers a unique platform for creating your own virtual mobile network (MVNO) Representative office in Russia: +7 499 649
More informationAdvanced Diploma on Information Security
Course Name: Course Duration: Prerequisites: Course Fee: Advanced Diploma on Information Security 300 Hours; 12 Months (10 Months Training + 2 Months Project Work) Candidate should be HSC Pass & Basic
More informationOn the Radar: Positive Technologies protects against SS7 network vulnerabilities
On the Radar: Positive Technologies protects against SS7 network vulnerabilities PT SS7 Attack Discovery detects SS7 network intrusions Publication Date: 14 Feb 2017 Product code: IT0022-000885 Andrew
More informationZimperium Global Threat Data
Zimperium Global Threat Report Q2-2017 700 CVEs per Year for Mobile OS 500 300 100 07 08 09 10 11 12 13 14 15 16 17 Outdated ios Outdated ANDROID 1 of 4 Devices Introduces Unnecessary Risk 1 out of 50
More informationUnique Phishing Attacks (2008 vs in thousands)
The process of attempting to acquire sensitive information, such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. In the 2 nd half
More informationAn Agency Under MOSTI SECURITY ASSURANCE. Securing Our Cyberspace. Copyright 2008 CyberSecurity Malaysia
An Agency Under MOSTI Understanding Mobile Phone Threat Vectors 4 th th ETSI Mobile Security Workshop Sophia Antipolis, France SECURITY ASSURANCE Creating Trust & Confidence Mohamad Nizam Kassim, GAWN
More informationPROACTIVE APPROACH. INTELLIGENT CYBERSECURITY. ptsecurity.com
PROACTIVE APPROACH. INTELLIGENT CYBERSECURITY ptsecurity.com WHO WE ARE Positive Technologies is a leading global provider of enter prise security solutions for vulnerability and compliance management,
More informationProtecting Against Online Fraud. F5 EMEA Webinar August 2014
Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture
More informationGPRS security. Helsinki University of Technology S Security of Communication Protocols
GPRS security Helsinki University of Technology S-38.153 Security of Communication Protocols vrantala@cc.hut.fi 15.4.2003 Structure of the GPRS Network BSS GTP PLMN BSS-Base Station sub-system VLR - Visiting
More informationHow WebSafe Can Protect Customers from Web-Based Attacks. Mark DiMinico Sr. Mgr., Systems Engineering Security
How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering Security Drivers for Fraud Prevention WebSafe Protection Drivers for Fraud Prevention WebSafe Protection
More informationFive Nightmares for a Telecom
Five Nightmares for a Telecom Dmitry Kurbatov Information security specialist Positive Technologies Webinars by Positive Technologies Agenda Physical access to a base station network OSS vulnerabilities
More informationUnbundling roaming services. An effective way to create competition for roaming services in the European Union
Unbundling roaming services An effective way to create competition for roaming services in the European Union 1 Overview > Short summary of the solution > Key factors in choosing one structural solution
More informationWireless and Mobile Network Architecture
Wireless and Mobile Network Architecture Chapter 8: GSM Mobility Management Prof. Yuh-Shyan Chen Department of Computer Science and Information Engineering National Taipei University Nov. 2006 1 Outline
More informationMobile Telephony Threats in Asia
Mobile Telephony Threats in Asia Black Hat Asia 2017, Singapore Dr. Marco Balduzzi Dr. Payas Gupta Lion Gu Sr. Threat Researcher Data Scientist Sr. Threat Researcher Trend Micro Pindrop Trend Micro Joint
More informationSecurity Governance and Management Scorecard
Security Governance and Management Scorecard Risk Analysis 1 - Please indicate the status of your risk analysis process. 6 - Documented, enforced, reviewed, and 2 - Are all (Network, Data, Apps, IAM, End
More information28 Deploying IN Services in a Mobile Environment
28 Deploying IN Services in a Mobile Environment D. Haran Comverse Network Systems 170 Crossways Park Drive, Woodbury, New York 11797 USA Tel: (516) 677-7200, Fax: (516) 677-7355 E-mail danny_haran@comverse.com
More informationMavenir Keynote. Think Smarter Secure communication Innovate Services. By Mohamed Issa Regional Head of Africa Sales
Mavenir Keynote Think Smarter Secure communication Innovate Services By Mohamed Issa Regional Head of Africa Sales The New Mavenir: Combining Market Leaders Combing three industry-leading companies to
More informationConsumer trust hanging in the balance with the threat of SS7 attacks
Published November 2017 Consumer trust hanging in the balance with the threat of SS7 attacks Market research into consumer awareness and response to SS7 threats and the potential consequences for mobile
More informationThis Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry
This Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry At a Glance With offices across the country, this gaming company has been in operation for decades.
More informationGSM Open-source intelligence
GSM Open-source intelligence Kenneth van Rijsbergen 1 1 MSc System and Network Engineering Faculty of Science University of Amsterdam 30 June 2016 Kenneth van Rijsbergen University of Amsterdam GSM OSINT
More informationFFIEC Guidance: Mobile Financial Services
FFIEC Guidance: Mobile Financial Services Written by: Jon Waldman, CISA, CRISC Partner and Senior Information Security Consultant Secure Banking Solutions, LLC FFIEC Updates IT Examination Handbook to
More informationUMTS System Architecture and Protocol Architecture
UMTS System Architecture and Protocol Architecture Overview on overall system architecture UMTS network architecture and elements Mobile station High-level functions UMTS domains and strata UMTS/GPRS protocol
More informationTelephony Fraud and Abuse. Merve Sahin
Telephony Fraud and Abuse Merve Sahin sahin@eurecom.fr Background 2 Telephony Networks Quick history 1870s: Plain Old Telephone System (POTS) Enabled by transmission of voice over copper lines Used in-band
More informationGhost Telephonist. Link Hijack Exploitations in 4G LTE CS Fallback. Yuwei ZHENG, Lin HUANG, Qing YANG, Haoqi SHAN, Jun LI
Ghost Telephonist Link Hijack Exploitations in 4G LTE CS Fallback Yuwei ZHENG, Lin HUANG, Qing YANG, Haoqi SHAN, Jun LI UnicornTeam, 360 Technology July 27, 2017 Who We Are? 360 Technology is a leading
More information2013 CONSUMER MOBILE INSIGHTS STUDY!
2013 CONSUMER MOBILE INSIGHTS STUDY! Released by Jumio, Inc. & conducted by Harris Interactive 2013 CONSUMER MOBILE INSIGHTS STUDY: KEY FINDINGS & INSIGHTS! 83% of respondents worry about identity theft
More informationGuess Who s Texting You?
TelcoSecDay @ Troopers 3/20/12 Heidelberg, Germany Guess Who s Texting You? Evaluating the Security of Smartphone Messaging Applications Sebastian Schrittwieser SBA Research, Vienna, Austria Source: path.com
More informationGSMK. Cryptography Network Security. GSMK Oversight SS7 Firewall and Intrusion Detection System
Cryptography Network Security GSMK Firewall and Intrusion Detection System GSMK Firewall and intrusion detection system to prevent attacks via interconnect. Protect your Network s Achilles Heel. With the
More informationGSMK CryptoPhone Baseband Firewall Technical Briefing
GSMK CryptoPhone Baseband Firewall Technical Briefing Preface The GSMK CryptoPhone Baseband Firewall (BBFW for short) in GSMK CryptoPhone secure mobile phones from the 500 Series onwards has been designed
More informationBank Infrastructure - Video - 1
Bank Infrastructure - 1 05/09/2017 Threats Threat Source Risk Status Date Created Account Footprinting Web Browser Targeted Malware Web Browser Man in the browser Web Browser Identity Spoofing - Impersonation
More informationRSA Web Threat Detection
RSA Web Threat Detection Online Threat Detection in Real Time Alaa Abdulnabi. CISSP, CIRM RSA Pre-Sales Manager, TEAM Region 1 Web Threat Landscape In the Wild Begin Session Login Transaction Logout Web
More informationAnalysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or tshark) and Snort
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or tshark) and Snort Madrid, March 2018. By: Alejandro Corletti Estrada (acorletti@darfe.es - acorletti@hotmail.com) INDEX 1.
More information[2017 TopN Security Threats and Preventive Measures for Mobile Networks]
[2017 TopN Security Threats and Preventive Measures for Mobile Networks] 2017.10 Contents Foreword 1 Overview -------------------------------------------------- 4 2 Mobile Networks Security Threats ----------------
More informationWHITE PAPER 2019 AUTHENTICATOR WHITE PAPER
WHITE PAPER 2019 AUTHENTICATOR WHITE PAPER 1 The Background to the WIZZIT Authenticator THE EVOLUTION OF AUTHENTICATION At its most basic level, bank grade authentication is built around a simple concept
More informationQuick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.
Quick Heal Total Security for Android Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping. Product Highlights Complete protection for your Android device that
More informationUnified Communications Threat Management (UCTM) Secure Communications and Collaborations
Secure Cloud Communication and Collaboration. Overview The emergence of IP Voice, Video, Unified Communication and Collaborations (UC&C) technology and applications are causing a fundamental shift in the
More informationSecurity of Cellular Networks: Man-in-the Middle Attacks
Security of Cellular Networks: Man-in-the Middle Attacks Mario Čagalj University of Split 2013/2014. Security in the GSM system by Jeremy Quirke, 2004 Introduction Nowadays, mobile phones are used by 80-90%
More informationMavenir Spam and Fraud Control
SOLUTION BRIEF Assuring Operator Revenue and A2P Grey Route Monetization Operators are realizing the scale and potential of A2P (Application to Person) messaging revenues, and how advances in messaging
More informationInformation Technology Mobile Computing Module: GSM Handovers
Information Technology Mobile Computing Module: GSM Handovers Learning Objectives Recap of previous modules Basic functions of Network Sub System Entities that form NSS namely MSC,GMSC,HLR and VLR Functions
More informationCYBER SECURITY OPERATION CENTER
CYBER OPERATION CENTER Reply s new Cyber Security Operation Centre is a structure specialised in the provision of Premium-level security services, tailored to the customer's needs, processes, and the specific
More informationSecure Interworking Between Networks in 5G Service Based Architecture
Secure Interworking Between Networks in 5G Service Based Architecture Silke Holtmanns Nokia 1 Nokia 2016 Nokia Future Attacks and Mitigation Research that
More informationKaspersky Enterprise Cybersecurity. Kaspersky Security Assessment Services. #truecybersecurity
Kaspersky Enterprise Cybersecurity Kaspersky Security Assessment Services www.kaspersky.com #truecybersecurity Security Assessment Services Security Assessment Services from Kaspersky Lab. the services
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationRev
Rev. 1.7.2 Copyright Notice Copyright Telinta Inc. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express
More informationChange Requests to GSM Clarification and Modification of SMS handling
ETSI TC SMG # 22 Plenary Meeting Kristiansand, Norway 9th - 13th June 1997 Tdoc SMG 379/ 97 Source: SMG3 Agenda Item: 6.3 Change Requests to GSM 09.02 Clarification and Modification of SMS handling Introduction:
More informationGSM security country report: Estonia
GSM security country report: Estonia GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin September 2014 Abstract. GSM networks differ widely in their protection capabilities against common
More informationCybersecurity for Service Providers
Cybersecurity for Service Providers Alexandro Fernandez, CISSP, CISA, CISM, CEH, ECSA, ISO 27001LA, ISO 27001 LI, ITILv3, COBIT5 Security Advanced Services February 2018 There are two types of companies:
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationGSM Mobility Databases
GSM Mobility Databases 1 Outline Mobility Databases Failure Restoration VLR Identification Algorithm VLR Overflow Control Summary 2 Two Issues of GSM Mobility Databases Fault Tolerance If the location
More information(Geo)Location, Location, Location.!! Matt Blaze University of Pennsylvania
(Geo)Location, Location, Location!! Matt Blaze University of Pennsylvania Mobile Devices Computers, but you carry them with you they have lots of sensors (GPS, etc) they transmit (cell, wifi, bluetooth,
More informationFederal Mobility: A Year in Review
Federal Mobility: A Year in Review Link: https://www.dhs.gov/csd-mobile Link: https://www.dhs.gov/publication/csd-mobile-device-security-study Vincent Sritapan Cyber Security Division Science and Technology
More informationSubscriber Data Management
Subscriber Data Management SIP Interface Description 910-6550-001 Revision A October 2012 Copyright 2012 Tekelec All Rights Reserved Notice Information in this documentation is subject to change without
More informationAccounting Information Systems
Accounting Information Systems Fourteenth Edition Chapter 6 Computer Fraud and Abuse Techniques ALW AYS LEARNING Learning Objectives Compare and contrast computer attack and abuse tactics. Explain how
More informationStakeholders Analysis
Stakeholders Analysis Introduction National Stakeholders ISP citizens CNIIP Media National CIRT Academia ONG, Public And Private Institutions sectoral CSIRTs Law enforcement 2 2 CIRT ISP A specialized
More informationOracle Communications Subscriber Data Management
Oracle Communications Subscriber Data Management SIP Interface Description Release 9.3 910-6878-001 Revision B January 2014 Oracle Communications SIP Interface Description, Release 9.3 Copyright 2010,
More informationQuick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.
Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping. Product Highlights Complete protection for your Android device that simplifies security and significantly
More informationGSM System Protocol Architecture
GSM System Protocol Architecture References: Jörg Erbespächer, Hans Jörg Vogel, Christian Bettstetter, GSM: Switching services and protocols, Wiley 2001, ISBN 0-471-499903-X Schiller: Mobile communications,
More informationHow to understand a csv file invoice
How to understand a csv file invoice.csv files are used my Eseye to send invoices to customers, they are easily opened in Excel. For help in finding an invoice, see: How to locate an invoice. An example.csv
More informationCybercrime and Information Security for Financial Institutions. AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida
Cybercrime and Information Security for Financial Institutions AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida Defining Cybercrime Stealing and Monetizing Financial and Identity Data
More informationTo: All Deposit Money Banks, Switches, Mobile Money Operators, Payment Solution Service Providers, Micro Finance Banks & Others
. BANKING AND PAYMENTS SYSTEM DEPARTMENT CEN BANK OF NIGERIA Central Business District P.M.B. 0187, Gar1ci, Abuja. +234-0946238445 BPS/DIR/GEN/CIR/05/002 April 17, 2018 To: All Deposit Money Banks, Switches,
More informationCyber Security Threats to Telecom Networks. Rosalia D Alessandro Hardik Mehta Loay Abdelrazek
Cyber Security Threats to Telecom s Rosalia D Alessandro Hardik Mehta Loay Abdelrazek Press Release: some highlights Cyber Security Threats to Telecom s - Rosalia D Alessandro, Hardik Mehta and Loay Abdelrazek
More informationMOBILE THREAT LANDSCAPE. February 2018
MOBILE THREAT LANDSCAPE February 2018 WHERE DO MOBILE THREATS COME FROM? In 2017, mobile applications have been a target of choice for hackers to access and steal data, with 86% of mobile threats coming
More informationSTAYING SAFE FROM SOCIAL ENGINEERING SCHEMES
STAYING SAFE FROM SOCIAL ENGINEERING SCHEMES Dr. Catherine J. Ullman Senior Information Security Analyst Information Security Office cende@buffalo.edu 1 Who Am I? 2 But seriously Senior Information Security
More informationTelecom MISP. Building a Telecom Information Sharing Platform. Alexandre De Oliveira
Telecom MISP Building a Telecom Information Sharing Platform Alexandre De Oliveira MISP history Actively developed and maintained by CIRCL Computer Incident Response Center Luxembourg Open Source Software
More informationProtecting Your Devices. Dr. Leon D. Chapman
Protecting Your Devices Dr. Leon D. Chapman 1 Device Security Threats to Devices Scams Passwords Secure your Device Security Apps / Solutions 2 Mobile device security threats ( http://www.csoonline.com/article/2157785/data-protection/five-new-threatsto-your-mobile-device-security.html
More informationCyber Crime Update. Mark Brett Programme Director February 2016
Cyber Crime Update Mark Brett Programme Director February 2016 What is Cyber Crime? What are the current threats? What is the capability of local and regional Cyber Crime Investigations? What support is
More informationDigital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans
Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October 2014 Frazier D. Evans Evans_Frazier@bah.com There are four key areas that need to be investigated when talking
More informationCOUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017
COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE Presented by Paul R. Hales, J.D. May 8, 2017 1 HIPAA Rules Combat Cyber Crime HIPAA Rules A Blueprint to Combat Cyber Crime 2 HIPAA Rules Combat Cyber Crime
More information3G TS V3.1.0 ( )
Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network; Organization of subscriber data () The present document has been developed within the 3 rd Generation
More informationSecuring today s identity and transaction systems:! What you need to know! about two-factor authentication!
Securing today s identity and transaction systems:! What you need to know! about two-factor authentication! 1 Today s Speakers! Alex Doll! CEO OneID Jim Fenton! Chief Security Officer OneID 2 Contents!
More informationEasy Activation Effortless web-based administration that can be activated in as little as one business day - no integration or migration necessary.
Security Solutions Our security suite protects against email spam, viruses, web-based threats and spyware while delivering disaster recovery, giving you peace of mind so you can focus on what matters most:
More information