Modern ways of cellular networks hacking, possible consequences and protection methods. Exploitation of SS7 network vulnerabilities and cellular site mimicry
During my presentation I’ll describe some modern ways of cellular networks hacking, such as exploitation of SS7 network vulnerabilities and cellular site mimicry. Unfortunately, first designers of cellular networks who developed them in 80-th of the last century were thinking about quality, about cost and accessibility, but not about security at all. Very few of cellular network user know that nowadays any more or less experienced hacker is able to access your calls, text messages and your GPS location. Usually the purpose of these attacks is getting some private information about calls and messages and a user location tracking. Besides of the passive information collection these attacks could be the a part of accessing victim’s bank accounts credentials and data, or some confidential information linked with the phone number, e.g. popular instant messengers. If I’ll be allowed I would like to demonstrate one of typical attacks on other conference participants. The cellular site mimicry attack requires being placed in the came cell with the victim, however, attacks using SS7 network vulnerabilities could be performed even from the different country. Also, the typical end-user could do nothing with SS7 network vulnerabilities, but really efficient defence methods against cellular site mimicry exist, which also will be described in my presentation. In conclusion, I’ll tell about protected alternatives to SS7 networks.