Friday, October 15, 2021

Everything about Signalling System 7(SS7)

Must Read

Python release quick updates to Fix remote code vulnerabilities

The Python Software Foundation (PSF) has rapidly launched Python 3.9.2 and 3.8.8 to address two significant security breaches, including...

WA Auditor Shows Concern about security Methods within state Registry System

Auditor General publishes findings 18 weeks after the audit has been complete because she feared that the danger was...

There was an average of 419 new threats per minute In Q2 2020

McAfee published a report analyzing cybercriminal activity associated with malware along with also the growth of cyber dangers from...

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN). In the SS7 network, Nodes are known as signaling points.

SS7 is a set of rules that are used to the smooth working of a telephony signaling system. It may also be called Signalling System No. 7, SS7, or SS7 is often referred to as Common Channel Signaling System 7 (CCSS7) in North America.

What are Signaling System 7(SS7) attacks?

SS7 attack is an exploit that takes advantage of a security weakness in the SS7(Signalling System 7) to theft data, eavesdropping, text interception, and location tracking.

SS7 attack is a type of cyber attack that uses a security flaw in the SS7 protocol to compromise and capture voice and SMS communications on a mobile network. 

SS7 Regulates the Network Infrastructure

The SS7 network handles all the routing decisions and supports all telephony services such as 800 numbers, call forwarding, caller ID, and local number portability (LNP). The voice switches that carry the telephone conversations are known as “service switching points” (SSPs). The SSPs query “service control point” (SCP) databases using packet switches called “signal transfer points” (STPs).

The SS7 include the following services:

  • call setup, management, and teardown
  • call forwarding
  • automated voicemail
  • Wireless services such as personal communications services (PCS), wireless roaming, and mobile subscriber authentication
  • call waiting
  • conference calling
  • Local number portability (LNP
  • Billing
  • toll-free (800 and 888) and toll (900) calls
  • SMS
  • mobile phone roaming and tracking
  • Efficient and secure worldwide telecommunications

Detection and Mitigations

Network Operators may be able to use firewalls to detect and block SS7 exploitation as described by the Communications, Security, Reliability, and Interoperability Council (CSRIC). 

For text messages, avoiding SMS and instead of using encrypted messaging services such as Apple’s iMessage, Facebook’s WhatsApp or the many others available will allow you to send and receive instant messages without having to go through the SMS network, protecting them from surveillance.

Billions of mobile phone users worldwide, the risk of you being targeted for surveillance by cyber-criminals is probably small.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This