SS7 millefeuille: firewalling in an inferno of legacy protocols
Interconnect security is a concern that GSMA and other entities have begun to address, through for example configuration and definition of new systems, signalling firewalls. Threats and attacks target privacy, availability, but remote compromise of Telco systems is rarely considered. Newly branded SS7 firewalls do protect against identified threats, but are they resilient to advanced attackers ?
Our presentation will first introduce the concepts behind SS7 firewalls: what do they protect from, how do they integrate into legacy ecosystem, what are the hot keypoints, how to they handle flexibility vs technical complexity.
Next, it will focus on the results of an audit performed on one of the COTS solution. From dashboard to undully exposed services, target product will be analyzed and several weaknesses will be exploited to achieve remote code execution.
Last, we will perform a deep drill on the implementation of SS7 / SIGTRAN millefeuille to spot and remotely exploit a flaw, putting interconnect signalling and associated personal data at risk.
The vendor has fully cooperated, and its product is now immune to all the vulnerabilities we will highlight.