This comprehensive security assessment Program has been developed by our expert team with decades of experience and expertise in deploying global telecom security projects. This Program covers testing across the telecom network ecosystem - signalling network, SIP deployments, RAN, SIM cards and VoLTE.
Our Telecom Security Assessment (TSA) program provides complete visibility into the actual state of signalling protection across SS7, Diameter, GTP protocols. These detailed assessments (TSA) highlight potential attack vectors on signalling network and other risks, thus keeping the network and subscribers safe.
We have also developed a SecurityGen Telecom Training module, tailored to customer requirements, and conducted by our team of experienced researchers. Our in-depth training Program cover SS7 Security Training, Diameter Security Training and GTP Security Training.
Our SIP Security assessment focuses on non-SIM based access or No SIM SIP User Agents (Hosted Voice), SIP trunking and SIP Interconnect. This assessment requires remote access to Customer SIP environments (via VPN or Internet).
This assessment addresses VoLTE and VoWiFi. These services use SIM-enabled equipment to access the mobile network but utilize different connection mediums. As with SIP assessments, there has been a substantial amount of investigation into VoLTE testing that reflects all details and threats highlighted in GSMA FS.22, GSMA FS.38 other relevant documentation for access using SIM-enabled SIP devices. This assessment requires onsite presence of our specialists
Adversaries can exploit the Radio Access Network (RAN) that connects subscriber mobile devices with the core wireline network through attack vectors that can interact, capture, replay and inject signals. These attacks may range from eavesdropping on conversations between mobile devices and Base Stations (BS); cloning of mobile subscribers to use network resources without paying, creating fake BSs, enticing users to camp at these phony BSs, to ‘denial of service’ attacks on the RAN and social engineering against subscribers.
SIM card security assessments cover a set of services that help detect potential vulnerabilities related to the installed SIM card. This assessment conducted remotely and with proper authorisation helps detect whether the customer's signalling network transmits illegitimate signalling messages that allow hackers to deliver a binary SIM. It also helps evaluate if the customer's SIM cards contain potentially dangerous applications which can compromise data integrity and security.
During testing, our specialists will use various tools, including the SecurityGen Artificial Cybersecurity Expert which has been developed by our telecom security team based on their extensive experience in researching the security of signalling networks and a modified Open-Source SIM Tester.
During testing, we have 3 standard stages:
There are two main eSIM deployment schemes – a consumer eSIM solution and a M2M eSIM solution. For consumer eSIMs, the profile activation is initiated by a user device. In the case of M2M eSIMs activation is initiated by the network. This document describes the methodology for eSIM security assessments for consumer eSIMs only. The customer provides the SecurityGen team with a web-link or QR-code of an eSIM registration. Our experts then try to execute attacks aimed at eSIM confidentiality, integrity, and availability. Interaction with the Customer employees is not required.
During the eSIM Security Assessment, we test vulnerabilities of:
The eSIM Security Assessment empowers MNOs with detailed information on: