In summary, SS7 protocol is used for:

  • Call setup and management
  • Roaming and mobile subscriber authentication
  • Number portability
  • Supplementary/additional call features
    such as call forwarding
  • Retrieval of routing information
  • Billing and routing
  • Short Message Service (SMS) routing
    and termination
  • PSTN information-exchange functions

Initially, the SS7 protocol was designed and scoped for a closed telecommunications community since at the time only a few telephone companies existed, therefore operating in a well-defined network boundary environment

SS7 has relied on the concept of isolated signalling networks for much of its security but the new and evolving scenarios changed this paradigm, increasing the exposure of the mobile networks

SMS Gateways and aggregators also started using this protocol back in the 2000’s to terminate traffic on operators – SS7 is no longer a protocol used by a closed group only

Nowadays network operators are vulnerable and are being continuously exposed to new and unpredictable attacks.

SS7 Vulnerabilities

Most of the common fraud activities over SS7 consist of abuse performed by altering, requesting or misusing several parameters used in the MAP and CAMEL messages.

Another commonly exploited SS7 vulnerability is the SCCP layer manipulation. This is performed by setting spoofed or faked calling SCCP address GT.

Subscribers’ exposure

These SS7 vulnerabilities and unprotected Mobile Network Operators expose their subscribers to multiple threats including:

  • unaccounted chargeable events
  • invalid subscriber information
  • unauthorized provisioning of subscriber services
  • eavesdropping on call events
  • subscribers’ service disruption

HAUD SS7 Firewall provides comprehensive protection for SS7 interconnect security including:\

  • subscribers within the home network
  • subscribers roaming outside the home network (outbound roamers)
  • visiting subscribers from other networks (inbound roamers)