Geneva, Switzerland 22 October 2019
The International Telecommunication Union (ITU) organized a “Brainstorming session on Signalling System No.7(SS7 ) vulnerabilities and the impact on different industries including digital financial services”, which took place on the 22 October 2019 (14h00-18h00 Geneva time) at ITU Headquarters, Rue de Varembé 2, Geneva, Switzerland. The workshop took place during the ITU-T Study Group 11 meeting which took place in the same venue from 16-25 October 2019.
Signaling System No. 7 (SS7) is a stack of signaling protocols, which was initially developed by ITU (CCITT) in the mid-1980s. Since then, SS7 standards has become a generic stack which are widely applied in public switched telephone network (PSTN) all over the globe. With the growth of mobile telecommunications and appearance of the MAP and CAP protocols, SS7 stack has become suitable for public land mobile network (PLMN), e.g. 2G, 3G networks. Later, SS7 migrated to SIGTRAN stack developed by IETF which allows operators to setup interconnection of SS7-based networks over IP networks. Furthermore, the SS7 logic migrated to DIAMETER which is currently widely used for interconnection of IMS-based networks, including 4G (VoLTE/ViLTE).
At the development stage, SS7 was designed to be managed by operators with the understanding that anyone connected to SS7 network was considered trustworthy. With the current network environment, including interconnection over the Internet, SS7-based networks have become vulnerable and can be easily attacked. Moreover, the latest move to Diameter protocol has not solved any of the basic vulnerabilities found in SS7.
Presently, there have been multiple cases where SS7 vulnerabilities have been used for different hackers’ attacks. Amongst well-known attacks on SS7 networks include telephone spam, spoofing numbers, location tracking, subscriber fraud, intercept calls and messages, DoS, infiltration attacks, routing attacks, etc.
As of now, more and more stakeholders are using SS7-based ICT networks for over the top services including digital finance services (DFS). However, the vulnerabilities of SS7 have increased the risk of illegal usage of customers’ applications, resulting in the unlawful take-over of their assets.
At present, ITU-T SG11 is working on different aspects on how to improve the situation. Among the achieved outcomes and ongoing activities are:
Revised SS7 related standards – Recommendations ITU-T Q.731.3, Q.731.4, Q.731.5 and Q.731.6 (04/2019).
In order to accommodate some Member States’ urgent demands relating to the spoofing of calling party number, the revised ITU-T Q.731.3 specifies an exceptional procedure for transit exchange connected to CPE (Customer Premises Equipment) with the purpose of providing predefined calling party number by the originating operator.
- Ongoing ITU-T Q.SR-Trust: “Signalling requirements and architecture for interconnection between trustable network entities”
This draft Recommendation defines the signalling architecture and requirement for interconnection between trustworthy network entities based on the existing and emerging technologies. Based on the architecture, it specifies the interfaces and signalling requirements between the functional entities. It also presents procedures to be applied for the signalling, security consideration, etc.
Ongoing Technical Report ITU-T TR-SS7-DFS “SS7 vulnerabilities and mitigation measures for digital financial services transactions”.
In most developing countries where DFS is popular, most of the end-users do not have reliable and accessible means to connect to Internet and thus, rely heavily on the mobile communications infrastructure. The communication channels in which the end-user communicates with the DFS provider are mostly Unstructured Supplementary Service Data (USSD), Short Messaging Service (SMS). USSD and SMS have long been known as “broken” and have many published vulnerabilities, some over 20 years old, which enables attackers to commit fraud and steal funds.
The core issue that inhibits the mitigation of these vulnerabilities is a misalignment of interests and misplaced liability between the telecom and the financial regulators.
The goal of the new Technical Report is to advance the implementation of countermeasures and mitigation strategies within the telcos by advancing regulation and standardization of such measures both for telcos and for financial institutions.
The workshop was therefore dedicated to brainstorming on the potential way forward to enhance the security mechanisms of SS7 and its adoption rate among telcos in order to defend all stakeholders from related attacks. The key aim of the brainstorming session was to identify the roadmap for fixing these issues.
Participation in the workshop was open to ITU Member States, Sector Members, Associates and Academic Institutions and to any individual from a country that is a member of ITU, who wished to contribute to the work. This included individuals who are also members of international, regional and national organizations, interested stakeholders, including telecom operators, regulators, SDOs and financial institutes. Participation in the workshop was free of charge, however seats are limited and no fellowships will be granted. The workshop will be held in English only.