December 14, 2011

How to Hack a Telecommunications Company and Stay Alive


Sergey Gordeychik, Technical Director of Positive Technologies, presented his research work on information security of telecommunications companies at the ZeroNight conference. 

How is penetration testing performed for telecom networks? What dangers to expect from subscribers? How to avoid financial losses under hacker attacks?

See his 71-slide presentation How to Hack a Telecommunications Company and Stay Alive under the cut.

December 13, 2011

How to Hack a Telecommunications Company and Stay Alive

Sergey Gordeychik, Deputy CEO at Positive Technologies

Penetration testing of telecommunications companies' networks is one of the most complex but still interesting tasks. Millions of IP addresses, tens of thousands of hosts, hundreds of web servers — and just a month for all this. What challenges are waiting for an auditor during the telecom network testing? What notes should be taken?

What is so peculiar about telecoms?
The present-day telecommunications companies serve tens or sometimes hundreds of subscribers, which obliges such companies to build and support huge networks. Most of the companies of the field are going through a convergence process, which is merging different services: broadband and wireless access services, hosting, mobile communication, VoIP and PST of different regions and countries as a part of a company, network and on convergent technological platforms.