We were once again invited, to take part in the exclusive Troopers conference which took place in Heidelberg, Germany, from the 18th – 22nd March 2019. Here’s what our Software and Systems Security Advisor and leading security researcher at Sinch, Fredrik Söderlund had to say about the event and how Sinch are working to help make the telecoms world a safer place.
For the last couple of years, the underlying signalling protocols of telecommunications have been scrutinized from a security perspective. Sinch has during this time been an outspoken and strong contributor to both regulating industry bodies and network operators. Our involvement in events like Troopers strengthens the unique value we offer enterprises as a security aware vendor, as we continue on our quest to reinforce and secure pathways of communication around the world.
Troopers is an annual security conference with a strong focus on information sharing and ground breaking research. It brings together the elite of infosec professionals and researchers to cover a wide range of security topics. Within this spectrum, specific segments are dedicated to telecommunications, IoT and network function virtualization – areas that are vital to the Sinch infrastructure. One such segment is the truly unique, invite only Telecom Security Day, a day dedicated specifically to telecommunications and the latest analysis from operators, researchers, regulators and security agencies.
During the Troopers Telecom Security Day back in 2018, Fredrik was invited to present a unique type of attack over signalling networks under the name of Root Canal. Here we illustrated how network nodes could be compromised and remote controlled by an attacker using only application layer SS7. This was new to the industry, only previously disclosed by Sinch to the GSMA coordinated vulnerability disclosure program in late 2017.
This year we presented on the weaknesses in signalling protocols, and how the complexity of these protocols makes them vulnerable to creative attacks. Attacks that can not only be used to bypass home routers and signalling firewalls, but also completely take down network nodes if left unchecked.
Our presentations over the years at Troopers have been met with great appreciation from the industry – we’ve gained recognition as thought leaders in signalling security and are widely recognized as leaders in this field. Our research is well known by all major network groups and operators, which has helped open many doors for us to collaborate with major operator groups and renowned security researchers in this area.
Attending security conferences like Troopers to present our latest research and findings from working with industry experts in the field builds confidence and trust in our products – a reward that only comes with being at the forefront of the industry. We’re proud to be safeguarding not only millions of subscribers, but also the business models of some of the biggest names in digital communications across the world. Our expertise in signalling is also reflected in how we deal with messaging issues (a signalling-based technology) i.e., how we approach both the messaging market in terms of wholesale revenue share using SMS firewalling, as well as securing the future of SIP, RCS and next generation messaging.
These initiatives, and participation and visibility of Sinch within this exclusive community of security professionals, strengthens our reputation while allowing access to operator level decision makers considering SMS, SS7 and Diameter Firewall products to improve the security of their subscribers, and ultimately their business.