Cyber security company Positive Technologies has today launched PT VIP Protect, a technology designed to keep sensitive targets safe from the current and evolving threats from mobile phone hacking. Key business executives, celebrities, and other high-profile individuals operating in sensitive situations all connect to mobile phone networks, which often have fundamental flaws in underlying signalling protocols.
These flaws and vulnerabilities can be exploited to eavesdrop on phone conversations, intercept text messages, track location and commit fraud. It is also possible to forward calls to an alternate number, or kill phone connections entirely.
The new PT VIP Protect allows operators to monitor and automatically detect anomalous network activity, providing their internal teams with actionable notifications. The technology is deployed and directly managed by the operator, no information is ever required to leave the network. All reporting, notifications and resolution are done by the in-house team and the technology does not directly capture any personal voice, text or data traffic.
Addressing the need for PT VIP Protect Michael Downs, Director of Telecoms Security at Positive Technologies explains, “Globally, mobile operators are becoming more aware of the customer risks created by vulnerabilities in the infrastructure they interconnect with. While the general public may not have heard of the complex array of signalling vulnerabilities, there is a growing awareness of the privacy dangers from hacking. This used to be just a technical issue, but recently it has become a brand reputation problem and mobile operators are increasingly sensitive about the churn it causes. PT VIP Protect allows providers to differentiate by offering a premium protection service.”
How PT VIP Protect works:
After deploying the technology, operators can offer dedicated security services to mobile subscribers who require a premium level of scrutiny – either on a temporary or permanent basis. PT VIP Protect allows operators to monitor accounts 24/7 for suspicious activity indicating an attack, which is immediately flagged to security operations teams, with recommendations for action.
The mobile operator using the technology is able to generate on-demand reports that detail:
- All attempts (successful or not) to use SS7 flaws to interfere with a VIP user’s service
- The type of attacks attempted (SMS interception, eavesdropping, location tracking, etc.)
- The source of each attempted attack to the Global Title (GT) level, Source network, Country
- The recommended course of remedial action to address or block the threat.
Downs concludes, “With this service, mobile operators can provide users in sensitive situations with additional reassurance. Using the reports, and depending on the type and severity of attacks, operators can reassure high-profile clients and take appropriate action. Operators can also use the intelligence collected to advise clients if further action is needed – such as updating social media and banking passwords, or reporting attack attempts to law enforcement agencies.”
To find out more about PT VIP Protect, Positive Technologies and its other solutions, visit Positive Technologies’ website.
ENDS
Notes to Editor:
- Signalling System 7 (SS7) is an international telecommunications standard that defines how network elements in a public switched telephone network (PSTN) and mobile networks exchange information over a digital signalling network. Nodes in an SS7 network are called signalling points.
- SS7 is used for these and other services:
o Setting up and managing the connection for a call
o Tearing down the connection when the call is complete
o Billing
o Managing call forwarding, calling party name and number display, three-way calling, and other Intelligent Network (IN) services
o Toll-free (0800) and Premium Service calls
o Wireless as well as wireline call service including mobile telephone subscriber authentication, personal communication service (PCS), and roaming
About Positive Technologies:
Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on Industrial Control System, Banking, Telecom, Web Application, and ERP security, supported by recognition from the analyst community. ptsecurity.com, facebook.com/PositiveTechnologies, facebook.com/PHDays, twitter.com/ptsecurity
