Telco security

Leveraging an extensive expertise in mobile network hacking, the SRLabs’ team supports mobile networks worldwide in measuring hacking risks, selecting appropriate mitigations to close the identified gaps, and finally, establishing effective security processes.

“We help telcos to build and secure next generation mobile infrastructures.”

Identify structural gaps
We validate that all claimed protection measures are effective in practice, usually after reviewing architectural documentation.
The hacker view
We analyze all possible entry points and focus on what really matters for hackers. Sometimes the most trivial paths are the most successful to compromise a network.
Mitigate effectively
We recommend meaningful risk mitigation measures and set the right priorities for each identified risk, along with leveraging existing technology and assessing what else needs to be acquired.

Our Approach

We provide a holistic view on all vulnerabilities, first covering all network entry points and then going further into each internal network interface. We look for unnecessary exposure, configuration hardening issues, missing patches, ineffective monitoring and other security issues.
Telco network
1
Exposure scan
2
Interconnect pentest
3
SIM & SMS security
tests
4
RAN security check
5
IMS/RCS/VoLTE
security tests
6
Telco platform
element pentest
Objective
We detect exposure of telco systems on two perimeters: Internet (IP) and Subscriber (IP over LTE)
SS7 and Diameter pentest covering remote fraud, tracking, or interception threats
We validate best practices around SIM cards, including file system permissions, applications, and check if binary SMS are correctly blocked
We collect configuration parameters of RAN technologies over the air and compare them to GSMA/3GPP best practices
We test voice and messaging infrastructures for common configuration mistakes and adherence to security best practices
We find exploitable vulnerabilities, best practice deviations in legacy networks EPC, IMS, RAN, 5G, NFV and private cloud environments
Deliverables
Network segregation gap analysis and architecture gaps
Interconnect firewall gaps and remote telco attack threat overview
SIM config gap analysis and SMS attack exposure overview
Protection report for over-the-air intercept, impersonation/fraud, and IMSI catcher attacks
Best practice violations report per infrastructure. Risk overview over all voice and messaging infrastructures
Gap analysis per telco node, end-to-end attack testing, local telco attack threat overview

Why it matters

We proudly assist mobile operators across the globe and secure the deployment of cutting-edge mobile technologies. It is crucial to have full understanding of the threat landscape, available technologies, business demands and potential impact of attacks. SRLabs weighs these risks for you and makes clear recommendations on whether they need to be mitigated or can safely be accepted.

Our research

SRLabs has been driving telco security evaluation for over a decade. Through our research into innovations like GSM intercept, tracking and impersonation, we have made an outsized impact across the telco ecosystem.

Explore more

aLL articles
New SIM attacks de-mystified, protection tools now available
New SIM attacks de-mystified, protection tools now available
telco
device hacking
27/9/2019
When your phone gets sick: FluBot abuses Accessibility features to steal data
When your phone gets sick: FluBot abuses Accessibility features to steal data
android
telco
21/12/2021
Hacking mobile networks has gotten a lot more interesting with 5G and Open RAN
Hacking mobile networks has gotten a lot more interesting with 5G and Open RAN
telco
redteam
8/8/2022