FS.21 Interconnect Signalling Security Recommendations

Friday 20 Dec 2019 | Deployment | Operational | Procurement |

FS.21 Interconnect Signalling Security Recommendations image

Mobile network Operators (MNOs) have historically treated all signalling messages received from outside the network as trusted and necessary. As access to and use of the signalling networks has evolved, interconnect signalling protocols such as Signalling System number 7 (SS7), Diameter, and the GPRS Tunnelling Protocol (GTP) have been discovered to be vulnerable to exploitation.

GSMA has produced a number recommendations for mobile Operators to mitigate these risks and prevent attacks by monitoring and filtering signalling traffic, leading to greater protection for their customers and businesses.

This document highlights key risks associated with interconnect security vulnerabilities and outlines suggested approaches to mitigate these risks for mobile Operators.

Audience: Risk practitioner, Technical security practitioner

Resource technology specifics: Core network

Resource type: Guideline

Resource enforcement: Voluntary

Resource certification type: Self-assessment

 

Advantage Disadvantage
  • Highlights key risks associated with interconnect security vulnerabilities.
  • Outlines suggested MNO responses to such risks.
  • Provides information as what should be included in a business case for investment in interconnect signalling security.
  • Provides tips on what should be included when issuing RFI/RFP.
  • Provides references to more technical documents where relevant.
  • Does not describe technical vulnerabilities, potential attacks or controls in detail.
  • Specific details for the business case vary in detail.
  • GSMA member confidential