Mobile Cybercrime - Don’t Leave Your Customers Vulnerable

MARK WINDLE
Mobile Cybercrime - Don’t Leave Your Customers Vulnerable

| XURA NETWORK SECURITY SURVEY WEBINAR
How secure are mobile networks?
How aware of the risks are consumers?
What do consumers worry about?
How do consumers protects themselves?
What role does the network operator have?
What are operators doing to improve security?
Agenda
2

|
Audience Participation Q1
XURA NETWORK SECURITY SURVEY WEBINAR
iPhone users vs Android users – which group
places themselves at more risk of mobile-
related cybercrime?
 iPhone users
 Android-based phone users
3
In-fill question:
This webinar is going to talk
about security weaknesses in
the telecoms network rather
than compare security of
different handset operating
systems, but does the type of
handset make any difference to
how exposed consumers are to
network vulnerabilities?

|
To what extent are you aware that SS7
networks are vulnerable to hacking/abuse ?
 What’s SS7?
 Not at all aware
 Somewhat aware
 Aware and familiar with some of the details
 Very aware and familiar with most of the details
 Expert knowledge of the issue
 I disagree: SS7 is totally secure
4
In-fill question:
I know we're going to avoid the
technical detail of SS7 during
this webinar, but for those that
want more technical
information, where can they
find it?

|
Audience Participation Q2 Results
To what extent are you aware that SS7
networks are vulnerable to hacking/abuse ?
RESULTS
5

How secure are mobile networks?
6

What is SS7, and why is it important?
Authentication
Mobility
Charging
Policy
Personalization
Calls and messaging
with subscribers on
other networks
Roaming
Call control and
messaging
It’s what makes the network work
Carries the mission-critical, real-time data
between network elements
$€£
Subscriber identity
Subscriber device type
Connection types and status
Subscriber location
Address of control elements
Address of charging elements
Usage policy settings
Subscriber service settings
Other
Networks
7

How do hackers get access to SS7?
Generally
Outside the network
Hubs (including GRX and IPX)
Other
Networks
SIGTRAN replaced physical TDM
links
Interconnection to other networks
Interconnection via hubs
Other
Networks
Network elements
including VAS systems
SMSC IN etc
External connectivity from other
networks and hubs via STPs, Signaling
Gateways and Media Gateways
Signalling connection to 3rd parties
Signaling connections and
signaling end-point addresses
leased to 3rd parties
3rd Parties
Inside the network
Network elements require
signalling access
8

What can hackers do via insecure SS7?
Subscriber privacy is lost:
 Location can be determined
 Calls can be blocked, diverted and intercepted
 Messages can be blocked, diverted, intercepted and
manipulated
Subscriber identity may be abused:
 Secure access codes received by SMS can be stolen
Network operation is at risk:
 Denial of service (DoS) attacks
Operator is exposed to fraud:
 Bypass of prepaid billing & roaming fraud
Revenue Loss & Fraud
 Billing may be bypassed
 Revenue lost from blocked calls $
Reputation & Churn
 Poor service quality
 Fraud
 Security breaches
Compliance & Liabilities
 SLA failure penalties
 Lawsuits
 Regulator fines
Subscriber is exposed to fraud:
 Fraudulent enrolment to premium-rate messaging services
 Fraudulent call diverts to premium-rate numbers
 USSD commands may be used to transfer balance between
subscriber accounts
9

The vulnerabilities are real. SS7 abuse is happening.
 More than 350 network deployments worldwide
 Serving more than 3 billion end-points
 Providing network security solutions for more than 10 years
100%of networks tested have
vulnerabilities
Roaming Fraud $$
Pre-Paid Charging Bypass Fraud $$$
Location Tracking
Call Interception
SS7 exploits detected
10

Mobile networks are not secure
11

|
The following exploits have been associated
with the vulnerabilities in SS7. Which do you
think pose the biggest threat to network
operators? (Pick up to 3)
 Monitoring subscriber service usage and
communications
 Tapping, interception or re-routing of voice calls
 Tapping, interception, re-routing or manipulation of
messaging
 Use of subscribers identities to gain fraudulent access
to telecom services
 Denial-of-service attack impacting general service
availability
 Denial-of-service attack on targeted subscribers
 Bypass of operator charging and billing functions
 Subscriber location tracking
12
In-fill question:
It seems that one of the root
causes is that operators lease
SS7 connections to third parties
that can't be trusted. Why do
they do that?

|
As a result of SS7 attacks, which of the
following possible effects would be likely to
cause the most significant pain for mobile
network operators?
(Pick up to 3)
 Increased churn
 Litigation from subscribers
 Litigation from enterprise customers
 Additional legal or regulatory requirements
 Fines imposed by regulators
 Loss of preferred roaming partner status
 Increased losses to fraud
 Loss of operating service revenues
 Devalution of company stock/shares
13
In-fill question:
What's motivating people to
hack mobile networks and
subscriber?

14

SS7 vulnerabilities have been publicized in consumer media
German researchers discover
a flaw that could let anyone
listen to your cell calls.
Phone network hack means
anyone can listen in on any
mobile call
Cellular Privacy SS7
Security Shattered
at 31C3
September 2015: “Hackers exploit SS7 vulnerability to spy on Australian senator:
report”
December 2014 : Annual Chaos Communication Congress event held in Hamburg …
April 2016: “Sharyn Alfonsi reports on how mobile phone networks are vulnerable.”
15

Xura Research Project
To understand subscribers’
perceptions and attitudes to
the risks and consequences
of mobile phone use and
‘attacks’ via SS7
16

|
Respondent Demographics 1667
Total
537 535 595
MALE
FEMALE
45%
55%
MALE
FEMALE
45%
55%
MALE
FEMALE
48%
52%
PREPAID
MONTHLY
26%
74%
PREPAID
MONTHLY
26%
74%
PREPAID
MONTHLY
16%
84%
22% 18-30 yrs
36% 31-50 yrs
42% 51+Survey conducted in Quarter 3 2016
XURA NETWORK SECURITY SURVEY WEBINAR17

Awareness of the problem and risks is low amongst
consumers – and somewhat confused
30% YESAre you aware (or have you heard) of any
security weakness in mobile phone networks
that could make it possible for "hackers" to
perform acts like those described below?
 Make fraudulent calls to “premium rate’
numbers at the subscribers expense
 Register subscribers to "premium rate"
messaging services
 Track the location of the phone
 Listen in to and record phone calls
 Intercept and possibly modify SMS text
messages
 Prevent the subscriber from making calls,
sending SMS texts or getting a data
connection from your mobile
Aus : 28%
UK : 32%
US : 29%
21% of those (6% of total) indicated specific awareness of
SS7 related vulnerability. Other root causes given included:
 OS vulnerabilities – 9%
 App vulnerabilities – 6%
 Operator data leaks – 3%
Vulnerabilities in Bluetooth, the Air Interface and WiFi were
also mentioned, as well as voicemail hacking.
I have heard about journalists using
hackers to listen on celebrities'
conversations, and record them to get
news.
http://www.cbsnews.com/news/
60-minutes-hacking-your-phone/
18

Consumers do not understand the risks
19

|
The following exploits have been associated
with the vulnerabilities in SS7. Which do you
think pose the biggest threat to network
operators?
RESULTS
20

Which "hacks" do you feel are most likely to happen to you?
UK subscribers (58%) feel significantly more at risk of
becoming victims of fraudulent calls being made at
their expense, or being fraudulently registered for
premium rate SMS services. Location tracking is a
bigger concern for US citizens (46%).
Approx.
40%
45% Fraudulent calls made at the subscribers expense
38% Fraudulent registration for premium SMS services
40% Location tracking
0%
10%
20%
30%
40%
50%
60%
ALL Aus UK US Female Male 18-30 31-50 51+
Fraudulent Calls SMS Subscriptions Location Tracking
Call Interception SMS Interception Denial of Service
18-30 year olds (53%) feel significantly more at risk of
becoming victims of location tracking. Fraudulent calls
is a bigger concern for the over 50’s (50%).
If it was possible for "hackers" to hack your mobile network provider and do the things described above, which "hacks" do you feel are most likely to happen to you? (Select up to 3)
21

How severely do you feel you would be affected if
these "hacks" happened to you?
US subscribers generally feel they would be less badly
affected than their UK and Australian counterparts,
except for Denial of Service attacks.
52% Severely or Badly affected
The over 50’s are more concerned about the impact of
fraudulent calls, while 18-30 years olds are more
troubled by location tracking and call and SMS
interception.
Fraudulent
Calls
SMS
Subscriptions
Location
Tracking
Call
Interception
SMS
Interception
Denial of
Service All
Aus
UK
US
52%
37%
36%
39%
58%
Gender plays a big role with males expecting to be
significantly less badly affected than females across all
types of threat.
22

Consumers are worried about fraud
23

What rules do you use to decide whether to grant “apps”
permission to access other features or data on your phone?
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Aus UK US ALL
None Ad hoc rules Strict rules
22% NONE
Males are marginally more likely to simply accept permissions
than females (24% vs 21%) but are almost twice as likely to
apply strict rules (11% vs 6%)
Those aged under 30 are more than twice as likely to simply
accept permissions than those aged over 50 (32% vs 15%)
The application of Strict Rules doesn’t vary with age.
24

How often do you check your balance/bill to verify you
have been correctly charged?
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
All
PayMonthly
Prepay
All
PayMonthly
Prepay
All
PayMonthly
Prepay
All
PayMonthly
Prepay
ALL Aus UK US
"Monthly or more"
"A few times per year"
"Never"
ALL
32% NEVER
Highest ARPU subscribers (top 20%) are only slightly more
likely to check their bills
56% check monthly or more frequently compared with average of 51%
Males and females are equally likely to check their bills every
month
UK Females marginally less so (43%) than UK Males (49%)
When someone else pays the bill 52% of phone users will
never check they have been correctly charged
Those aged between 31 and 50 are least likely to check their
bills monthly
Overall variance is small, ranging from 44% to 55%
25

|
iPhone users vs Android users – which group
places themselves at more risk of mobile-
related cybercrime?
RESULTS
26

iOS
54% more likely
never check their bill
than Android device users
more than 2x
apply no rules
when granting App permissions.
27

Consumers are worried about fraud
They don’t protect themselves
28

|
As a result of SS7 attacks, which of the
following possible effects would be likely to
cause the most significant pain for mobile
network operators?
RESULTS
29

|
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Not at all protected
Slightly protected
Moderately protectected
Well protected
Completely protected
How well does your mobile network provider currently
protect you from "hackers“?
UK subscribers feel marginally less protected by the
network operator than their Australian and US
counterparts. This is most noticeable in relation to
SMS Interception.
61%
Moderately
or better
30

If you became aware that you had been a victim of these
"hacks", what action(s) would you most likely take ?
1 in 3 would inform the telecom regulator –
Australians more so (45%) than Americans
(24%) who are more likely than average to
share the incident via social media.
Half (49%) would seek compensation from
their mobile network provider. In the UK, this
figure rises to 54%. Younger generations are
more likely to follow this course of action than
the over 50’s.
29% would change their provider either
immediately (22%) or at the next renewal date
(7%). The young are more likely to change
providers than the old.
14%
33%
54%
24%
49%
7%
22%
29%
2%
8%
0% 20% 40% 60%
Do nothing
Switch to using 'Apps' to make calls and send messages
more securely
Change my mobile network provider at the next
renewal date
Change my mobile network provider as soon as
possible
Change my mobile network provider
Seek financial compensation from my mobile network
provider
Get a new mobile number, but stay with my current
mobile network provider.
Report the story on social media (e.g. via twitter or
facebook) or via the press
Inform my national telecoms regulator
Inform the police
31

Consumers are worried about cybercrime
They don’t protect themselves
They hold network operators responsible
32

We’re working with operators in every continent to improve security
Fraud and Security Groups
Security Recommendations
Network
Operators
Security
Providers XURA
Audit Network Vulnerability
Monitor Threat Activity
Security Solutions
Xura SS7 Firewall
33

2G, 3G
SS7
4G and beyond
DIAMETER
Solutions for the next signaling security challenge
34

|
QUESTIONS?
XURA NETWORK SECURITY SURVEY WEBINAR35

KEEP
CALM
and
STAY
SECURE
contactxura@xura.com
36
www.xura.com

Mobile Cybercrime - Don’t Leave Your Customers Vulnerable

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (13)

Ähnlich wie Mobile Cybercrime - Don’t Leave Your Customers Vulnerable

Ähnlich wie Mobile Cybercrime - Don’t Leave Your Customers Vulnerable (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (7)

Mobile Cybercrime - Don’t Leave Your Customers Vulnerable