Key business executives, celebrities, and other high-profile individuals operating in sensitive situations all connect to mobile phone networks, which often have fundamental flaws in underlying signalling protocols.

These flaws and vulnerabilities can be exploited to eavesdrop on phone conversations, intercept text messages, track location and commit fraud. It is also possible to forward calls to an alternate number, or kill phone connections entirely.

Advertisement

The new PT VIP Protect allows operators to monitor and automatically detect anomalous network activity, providing their internal teams with actionable notifications.  The technology is deployed and directly managed by the operator, no information is ever required to leave the network. All reporting, notifications and resolution are done by the in-house team and the technology does not directly capture any personal voice, text or data traffic.

Addressing the need for PT VIP Protect Michael Downs, Director of Telecoms Security at Positive Technologies explained: “Globally, mobile operators are becoming more aware of the customer risks created by vulnerabilities in the infrastructure they interconnect with. While the general public may not have heard of the complex array of signalling vulnerabilities, there is a growing awareness of the privacy dangers from hacking. This used to be just a technical issue, but recently it has become a brand reputation problem and mobile operators are increasingly sensitive about the churn it causes. PT VIP Protect allows providers to differentiate by offering a premium protection service.”

Advertisement

How PT VIP Protect works:
After deploying the technology, operators can offer dedicated security services to mobile subscribers who require a premium level of scrutiny – either on a temporary or permanent basis. PT VIP Protect allows operators to monitor accounts 24/7 for suspicious activity indicating an attack, which is immediately flagged to security operations teams, with recommendations for action.
The mobile operator using the technology is able to generate on-demand reports that detail:
•         All attempts (successful or not) to use SS7 flaws to interfere with a VIP user’s service
•         The type of attacks attempted (SMS interception, eavesdropping, location tracking, etc.)
•         The source of each attempted attack to the Global Title (GT) level, Source network, Country
•         The recommended course of remedial action to address or block the threat.

Downs concluded: “With this service, mobile operators can provide users in sensitive situations with additional reassurance. Using the reports, and depending on the type and severity of attacks, operators can reassure high-profile clients and take appropriate action. Operators can also use the intelligence collected to advise clients if further action is needed - such as updating social media and banking passwords, or reporting attack attempts to law enforcement agencies.”