Thursday October 10, 2019

FS.21 Interconnect Signalling Security Recommendations

Mobile network Operators (MNOs) have historically treated all signalling messages received from outside the network as trusted and necessary. As access to and use of the signalling networks has evolved, interconnect signalling protocols such as Signalling System number 7 (SS7), Diameter, and the GPRS Tunnelling Protocol (GTP) have been discovered to be vulnerable to exploitation.

GSMA has produced a number recommendations for mobile Operators to mitigate these risks and prevent attacks by monitoring and filtering signalling traffic, leading to greater protection for their customers and businesses.

This document highlights key risks associated with interconnect security vulnerabilities and outlines suggested approaches to mitigate these risks for mobile Operators.

Audience: Risk practitioner, Technical security practitioner

Resource technology specifics: Core network

Resource type: Guideline

Resource enforcement: Voluntary

Resource certification type: Self-assessment

 

Key benefits
  • Highlights key risks associated with interconnect security vulnerabilities.
  • Outlines suggested MNO responses to such risks.
  • Provides information as what should be included in a business case for investment in interconnect signalling security.
  • Provides tips on what should be included when issuing RFI/RFP.
  • Provides references to more technical documents where relevant.