Nordic Perspective on SS7


Senior Specialist Heidi Kivekäs (@KivekasHeidi), 28 Feb 2018

18 Dec 2014: The Washington Post article "German researchers discover a flaw that could let anyone listen to your cell calls"
19 Dec 2014:
- FICORA sends a questionnaire to Finnish MNOs: What is the level of protection?
- FICORA contacts main vendors: What are the technical possibilities to detect and prevent abuse?
23 Dec 2014: FICORA compiles a summary of the findings
- It was noticed that MNOs are protected against some of the abuse methods but not all
27 Dec 2014: Chaos Communication Congress

FICORA's assessment is that the severity of SS7 security issues is high
- FICORA takes the possibilities to abuse the SS7 network very seriously, even if it may be argued that possibilities for abusing SS7 message traffic are somewhat difficult to utilize
- This is the reason why FICORA instantly started to investigate the situation, and why FICORA has insisted on adding security measures to protect Finnish networks and end users

5 Jan 2015: FICORA sends a more detailed questionnaire to 4 Finnish MNOs
21 Jan 2015: FICORA compiles a summary of the findings
- There is a need for additional protection and improved detection capability
January 2015: Information exchange between Nordic NRAs is initiated
January - June 2015: Several meetings with MNOs and vendors
- Discussions on how to improve level of protection

An idea gradually takes shape of establishing best practices for defending the SS7 network in the Nordic region
- MNOs in all Nordic countries acknowledge the threat and are at least willing, in most cases even eager, to implement new protection and detection measures
- Hard regulatory intervention (such as regulation) seems an oversized action; besides, we might not want the measures taken to be public information
- All Nordic regulators were active within this area and working on the same questions
- Legislation concerning the telecom industry and even the operation of public authorities is highly similar in all Nordic countries
- Nordic NRAs have confidential relations and a well-operating network and information security group

There are pros for operators and vendors
- Faster and cheaper for vendors to implement
- Cheaper for operators to comply, because product development costs are shared among a larger group
- Common recommendations are easier to comply with for operators who have networks in several Nordic countries, because there is no need to make country-specific adaptations

Why not join efforts?
Next step of NRA co-operation: from information sharing to co-operation

April 2015: Mutual decision between NRAs of Finland, Sweden, Norway, Denmark and Iceland to start drafting Common Nordic Recommendations
- The goal was set to develop a set of joint Nordic recommendations that describe reasonable expectations on implemented protection and detection measures
- The recommendations are expected to simplify dialogues between NRAs and operators as well as between operators and vendors
3 Sep 2015: A draft Nordic Recommendation is sent to MNOs for comments
- 14 Sep 2015 also a hearing event
18 Dec 2015: The Common Nordic Recommendations on SS7 Security Issues were approved by all Nordic regulators
- Recommendation is not public
- Legal status will depend on each country
- May also be binding if reference is included in ordinances, decisions etc.

12 January 2016: A press release about the recommendations is published
- "FICORA calls for a single information security level for mobile network in the Nordic countries"
- https://www.viestintavirasto.fi/en/ficora/news/2016/ficoracallsforasingleinformationsecuritylevelformobilenetworkinthenordiccountries.html
30 March 2016: FICORA sends MNOs a request to report on how and when they are implementing the recommendations
June 2016: FICORA arranges meetings with MNOs to discuss their answers and timeline for the implementation

Are we ready now?
- Common Nordic Recommendation is a living document, hence it may be updated if such needs arise
- In 2017 Nordic NRAs have been discussing Diameter issues
  - Again several meetings have been held and research has been done
  - GSMA is also active in this area, so we are considering possibilities to benefit from the work they have already done
- A second follow-up survey on the implementation of the SS7 recommendation
  - On 16 February 2018 a request to report was sent to Finnish MNOs
  - After responses, next steps will be evaluated
- The past couple of years have shown that SS7 abuse attempts do happen
  - This work has not been in vain