Telecom Incident Investigation

Telecom Incident Investigation

The goal of Telecom Incident Investigation services is to investigate existing vulnerabilities in signalling network. The follow-up mitigation of vulnerabilities and associated risks is a critical element that in turn leads to a reduction in the corresponding financial and reputation risks.

The key objective is to undertake a detailed analysis of the security incident; identify and present critical details about malicious activity based on the time of the incident. The investigation also aims to identify and recommend actionable remediation steps, which might be short term steps (Workaround) or medium/long term based on industry best practices (GSMA, ITU, 3GPP, etc.)

SecurityGen has defined a framework of Telecom Incident Analysis (TIA) conducted by its experts, enabling all those within the ecosystem to protect themselves better. The TIA consists of a set of investigation steps, including the detailed incident description, issue analysis and comprehensive remediation steps to close the incident in the shortest time from its reporting.

The Telecom Incident Analysis comprises of the following service packages:

  • Incident justification: Identify and evaluate whether a particular incident is a false alarm, a limited incident or a wide-scale compromised one
  • Retrospective analysis: Analyse exactly what transpired within through an incident timeline report
  • Workaround options: Identify and evaluate best options to be implemented as immediate incident response
  • Attack motivation: Provide new leads and updates about attacker activity
  • Consequence: Evaluate related activity, artefacts and data
  • Impact: Assess how the threat compromised security levels
  • Reproduction: Offer evidence about incident simulation