Session Description
Please note these training courses have limited capacity and an additional fee is required to attend. GSMA members will receive a 20% discount. Your place on the course will be confirmed once payment has been received and your confirmation of your pass to MWC Las Vegas 2023.
Your GSMA Advance Certificate of Participation will be issued after you have checked into the course and completed the duration of the course. We look forward to supporting you in advancing your industry knowledge and career journey.
CLICK HERE to register and process your payment via our Learning Management System.
Network Vulnerabilities and Fraud Prevention
Who would this Benefit:
Organisations seeking an introduction to network vulnerabilities from the perspective of both the network operator and the end user. This includes network operators, equipment manufacturers, security solution providers, those engaged in cyber security, regulatory bodies, and government agencies.
Description
The modern telecoms network is based on key principles that were introduced with SS7 (Signalling System Number 7) in the 1970s. However, it was not designed with a great regard for security, and so many vulnerabilities exist. Although later network architectures introduced more secure protocols, as well as IP-based operation, many vulnerabilities still exist in the overall end-to-end scheme.
In this course, we delve into the vulnerabilities that exist from the perspective of both the network operator and the end user. By examining these concerns, we aim to provide a better understanding of the potential risks associated with modern networks – and mitigation strategies.
These vulnerabilities include issues related to SCCP / Global Titles, Message Flooding, Network Impersonation / Traffic Injection, ISUP Layer Attacks, MAP Attacks, IMSI Catchers, USSD money transfer attacks, DoS, spoofing and scanning attacks, call interception and profile stealing.
Access Network Abuse
Circuit and Non-Circuit Related Signalling
Information Needed by an Attacker
Sources of Vulnerabilities
SS7 / ISUP Security Analysis & Vulnerabilities
Passive Scanning, IAM DoS Attacks, Malicious Early Call Release, CLI Spoofing
MTP Network Management Vulnerabilities
Cellular Network Vulnerabilities
Collecting Information, Acquiring a Subscription Profile, MO/MT Intercept
SMS and Fraud
USSD Money Transfer
DoS Towards the Entire Network
Attack On Network Resources
SIGTRAN Vulnerabilities
(Signalling) Bombing Attack
Network Security Mechanisms
Mitigation of Threats
Standard Security Policies
Doors Open: 1:30 PM