The interception of calls is quite a challenging task, but not only intelligence services can pull it off. A subscriber may become a victim of an average hacker who is familiar with the architecture of signaling networks. Commonly known SS7 vulnerabilities allow for the interception of phone calls and texts, can reveal a subscriber’s location, and can disconnect a mobile device from a network.
In 2015, Positive Technologies experts conducted 16 sets of testing involving SS7 security analysis for leading mobile EMEA and APAC operators. The results of the top three projects are included in the statistics below. In this article, we will review the security level experienced by mobile network subscribers, as well as all industrial and IoT devices — from ATMs to GSM gas pressure control systems, which are also considered mobile network subscribers. This article describes detected issues and suggests ways to counter threats.