Remotely Crashing HLR or why it took Telecom Industry 20 Years to Recognize the Problems with SS7

March 12, 2013 (at 1:45 p.m.)

When you speak about telecom networks, people believe in magical, powerful and super-secure networks. On the contrary, we’ll show here how some fuzzing now considered quite typical for TCP/IP looks like science fiction for telecom signaling networks. Real-world HLR-crashing attacks will be demonstrated and explained during this conference. The problems in 2G and 3G networks need to be recognized: totally inadequate MSC and HLR equipment hardening at the vendor level, a TCAP vulnerability left unpatched for 10 years (!), total openness to spoofing at the STP level, and a lack of perimeter protection. On top of it, the lack of recognition of these problems has made them rampant. One big false sense of security now comes from the belief that switching to 4G, the S1 and X2 protocols, and SIP-I and SIP-T as a replacement for the old signaling network protocol suite would help. The problem does not lie in the technology but in the lack of understanding of the security implications of signaling beyond fraud and reliability. Vulnerabilities and malicious attackers are joining the party and ruining the designs and plans for perfect security. We’ll see how the same patterns of vulnerability and fallibility seen in these past signaling systems and networks are now causing country-wide outages in 3G and 4G LTE networks at Vodafone, O2, France Telecom Orange and many other operators.

Philippe Langlois

Founder of P1 Security and Senior Researcher for Telecom Security Task Force. Philippe Langlois has proven expertise in network security. He founded and led technical teams in several security companies (Qualys, WaveSecurity, INTRINsec) as well as security research teams (Solsoft, TSTF). He founded Qualys and led the world-leading vulnerability assessment service. He founded a pioneering network security company, Intrinsec, in 1995 in France, as well as Worldnet, France’s first public Internet service provider, in 1993. Philippe was also lead designer for Payline, one of the first e-commerce payment gateways. He has written and translated security books, including some of the earliest references in the field of computer security, and has been giving speeches on network security since 1995 (Interop, BlackHat, HITB Dubai, Hack.lu). With P1 Security, Philippe now provides the first Core Network Telecom Signaling security scanner, which helps telecom companies, operators and governments analyze where and how their critical telecom network infrastructure can be attacked. He can be reached through his website at: http://www.p1security.com.