Diameter signaling has similar vulnerabilities as SS7
Location tracking, interception of voice and text messages, denial of service and account fraud are all potential attack vectors associated with the Signaling System 7 protocol. And those same vulnerabilities can be applied to diameter signaling, according to a recent report from the FCC’s Communications Security, Reliability and Interoperability Council (CSRIC).
SS7 is the signaling protocol for 3G networks while diameter signaling is used to route traffic in an LTE or IP network. In an interview with RCR Wireless News, Oracle Director of Cybersecurity for Service Provider Networks Travis Russell, also a CSRIC member and author of the report, said bad actors are becoming increasingly interested in exploiting diameter signaling.
“There have been breaches on SS7,” Russell said. “It’s the same use cases and same vulnerabilities in SS7 that we reported on diameter. In diameter, it’s a bit different because most all of the networks are still using SS7 to connect and not the diameter protocol. We wouldn’t expect to see a lot of activity on diameter yet.” Network operators “are saying that in some cases they are seeing some probing, but it’s hard to really substantiate what that is.”
Given the importance of network security to service providers’ value propositions, why is the status of diameter vulnerabilities hard to gauge? “First off,” Russell said, “corporations are very, very reluctant to share breach incidents unless they absolutely have to because of the clear implications when they have to publicly announced like that. Everybody is a little hesitant to do anything publicly. But even in a secure environment we kind of lack a vehicle where industry and operators…can share vulnerability information in a secure environment.” As Russell was making that comment, Facebook founder and CEO Mark Zuckerberg was on Capitol Hill testifying about the social media giant’s data privacy and sharing practices, among other issues.Â
Based on his work with Oracle and with the FCC, Russell said service providers are concerned about the security “on the interconnect. Everybody has come to the realization that this is serious stuff. There’s a lot of work going on to secure the signaling network. We’re seeing a lot of activity and requests from customers to add more security capabilities for diameter.”