SS7 fraud
In telecom networks carrying circuit switched traffic, there is the need for a layer of control signalling. This is where SS7 comes in. Signalling System #7 is a packet switched protocol, much like IP, that can carry signalling messages between telecommunication core nodes.
- ISUP for connectivity – Example: “The subscriber in my end hung up and I want to terminate the call by tearing down the payload connection”)
- Mobile Application Part (“MAP”) that can be used in and between mobile networks, for example for roaming and SMS – Example: “This is the German network German Com. I have one of your subs asking to access my network – is he allowed to by you?”)
- CAMEL Application Part (“CAP”) can be seen as an extension of MAP. If is mainly used for prepaid to enable real time rating but also stuff like conversion of short codes to long numbers. Example: “Your subscriber dialled 1234. Can you please tell me what number I should route this call to”.
From my perspective it’s grossly ignorant not to have watched this video and trying to grasp the consequences. Tobias Engel goes through the type of attacks possible.
Operators MUST address this. It’s reckless not to. You owe it to your subscribers to do it.
Bergatrollet can naturally offer you advice in this area. Our general advice is a filter that also supports SMS filtering. Please contact sales@bergatrollet.se for advice and references to relevant vendors.
Leave a Reply