[swinog] Re: Sicherheit von SS7 - mit Schweiz-Bezug
Inside-IT did an interview with Andreas Fink (German). He considers himself as the scapegoat for the large security issue SS7 has, and that many mobile operators don't give enough attention to necessary security measures.https://www.inside-it.ch/der-basler-mit-dem-globalen-spionageservice-20230609--Fredy KünzlerInit7 (Switzerland) Ltd.Technoparkstrasse 5CH-8406 Winterthurhttps://www.init7.net/Am 11.05.2023 um 10:18 schrieb Fredy Kuenzler :A similar article has been published by several newspapers of the TX group (german, paywall).Please note that Andreas Fink is a long term and valued member of our SwiNOG community and probably the person with the most SS7 knowledge. I suppose he is subscribed to this mailing list.Weltweite Angriffe auf Telecominfrastruktur – Schweizer ETH-Ingenieur beliefert die Spionage-Industrietagesanzeiger.ch--Fredy KünzlerInit7 (Switzerland) Ltd.Technoparkstrasse 5CH-8406 Winterthurhttps://www.init7.net/Am 11.05.2023 um 09:56 schrieb Matthias Leisi via swinog : (Resend von der richtigen Absender-Adresse)https://www.haaretz.com/israel-news/security-aviation/2023-05-10/ty-article-magazine/.premium/global-surveillance-the-secretive-swiss-dealer-enabling-israeli-spy-firms/0188-0005-dc7e-a3fe-22cdf290The Secretive Swiss Dealer Enabling Israeli Spy Firms(…)It leads from the Americas to Africa to South-East Asia, but also to Basel, a mediaeval town on the banks of the Rhine and the unassuming home of Andreas Fink, a Swiss telecom expert whose unusual skills have placed him at the centre of this industry.(…)reveal how Fink's systems have served as a conduit for probing and attacking phone networks across the globe(…)When contacted by this investigation, Fink admitted to working with companies and “legally entitled government agencies” as a provider of surveillance services.(…)Fink's request to Robert was for "SS7 access" and "a bunch of global titles". In other words, he wanted a list of phone numbers, belonging to Robert's phone company, which could be used to send queries to other networks in other countries. (…)-- Matthias LeisiKatzenrütistrasse 68, 8153 RümlangMobile +41 79 377 04 43matth...@leisi.net___swinog mailing list -- swinog@lists.swinog.chTo unsubscribe send an email to swinog-le...@lists.swinog.ch___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Sicherheit von SS7 - mit Schweiz-Bezug
nice : https://www.spiegel.de/netzwelt/netzpolitik/andreas-fink-mobilfunkverband-geht-gegen-schweizer-ss7-dienstleister-vor-a-d012c1dd-afb7-4ead-9571-59653abc17e1?sara_ref=re-xx-cp-sh about time ;-) - Am 15. Mai 2023 um 13:31 schrieb Florin Sfetea via swinog swinog@lists.swinog.ch: > Hello all, > > I was reading this old(2018) ENISA Report [ > https://www.enisa.europa.eu/publications/signalling-security-in-telecom-ss7-diameter-5g/@@download/fullReport > | > https://www.enisa.europa.eu/publications/signalling-security-in-telecom-ss7-diameter-5g/@@download/fullReport > ] > Might help in some way but reading it had reminded me of ARP > spoofing/poisoning > attacks which even today are still used and work in a lot of networks that I > have been. :) > > One year later I had open a case with Salt where I requested a public > statement > that they had fixed/mediated the issues discovered up to that time(March 2019) > or at least that a remediation plan was in place. > > Someone from Support answered that " The introduction of 5G will only take > place > if data security is guaranteed for our customers and we can assume that the > security issue will not lead to a delay in the introduction of 5G. " > > I was not satisfied ::)) with the answer and requested an escalation > > They eventually closed my case in July 2019 with: > > " Dear Sir, > > > Salt follows industry best practices in terms of security for its entire > mobile > infrastructures and improves constantly the protection of its mobile > infrastructures and customers. The case you mention is known and has been > addressed accordingly. > " > No public statement nor such other mentions of which fix was exactly > addressed. > > I don't have anything with any mobile provider. At that time it was just > happen > to be Salt. I move from time to time to different other ones. > > I think we should have here in Switzerland more or less a same similar to > ENISA > organization that should supervise and perform regular audits on mobile > providers. Melani/NCSC would that fit your bill? > > I never really had time to further test if any of those vulnerabilities or > newer > where actually fixed. Someone should definitely do it. Free for fame or payed > from a government branch is to > [ > https://www.gsma.com/security/gsma-mobile-security-research-acknowledgements/ > | > https://www.gsma.com/security/gsma-mobile-security-research-acknowledgements/ > ] > > > Regards, > Florin > > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Sicherheit von SS7 - mit Schweiz-Bezug
Hello all, I was reading this old(2018) ENISA Report https://www.enisa.europa.eu/publications/signalling-security-in-telecom-ss7-diameter-5g/@@download/fullReport Might help in some way but reading it had reminded me of ARP spoofing/poisoning attacks which even today are still used and work in a lot of networks that I have been. :) One year later I had open a case with Salt where I requested a public statement that they had fixed/mediated the issues discovered up to that time(March 2019) or at least that aremediation plan was in place. Someone from Support answered that "The introduction of 5G will only take place if data security is guaranteed for our customers and we can assume that the security issue will not lead to a delay in the introduction of 5G." I was not satisfied ::)) with the answer and requested an escalation They eventually closed my case in July 2019 with: "Dear Sir, Salt follows industry best practices in terms of security for its entire mobile infrastructures and improves constantly the protection of its mobile infrastructures and customers. The case you mention is known and has been addressed accordingly. " No public statement nor such other mentions of which fix was exactly addressed. I don't have anything with any mobile provider. At that time it was just happen to be Salt. I move from time to time to different other ones. I think we should have here in Switzerland more or less a same similar to ENISA organization that should supervise and perform regular audits on mobile providers. Melani/NCSC would that fit your bill? I never really had time to further test if any of those vulnerabilities or newer where actually fixed. Someone should definitely do it. Free for fame or payed from a government branch is to https://www.gsma.com/security/gsma-mobile-security-research-acknowledgements/ Regards, Florin___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Sicherheit von SS7 - mit Schweiz-Bezug
The two articles about SS7 hacking in my bookmarks: https://www.theguardian.com/technology/2016/apr/19/ss7-hack-explained-mobile-phone-vulnerability-snooping-texts-calls https://www.bloomberg.com/news/articles/2021-12-06/this-swiss-tech-exec-is-said-to-have-operated-a-secret-surveillance-operation#xj4y7vzkg Anyone knows about the advancement of the rollout of the replacement of SS7 in swiss phone operator networks, and its effectiveness to circumvent discovered loopholes over the years? ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
