There are several core services of telecommunication that are still running under flawed protocols like Signally System No. 7 or SS7. The SS7 protocol to be more specific becomes the center of cyber threats to banking industry. This is due to the reason that hackers can intercept easily the 2FA authentication codes and be able to funnel all user’s account they want.
Newer protocols similar to Session Initiation Protocol or SIP can be vulnerable to cyber threats too without having proper regulations in place.
To give you an example, back in 2018, there’s a group of hackers who managed to stage DoS or Denial of Service attack against Cisco equipment via leveraging malformed SIP traffic.
On the other hand, implementing improved signalling controls could be challenging for majority of telecom services because of:
- Privacy concerns
- Overall complexity
- Global title leasing
- Supply chain issues
- Traffic integrity and;
- Network misconfigurations
This is mostly used on VOIP or Voice Over Internet Protocol. However, without thorough security, hackers would be able to tap into the encrypted calls and distribute the SIP malware and tamper the services being used. There are several other threats under SIP too such as SIP trunk hacking, eavesdropping, SIP toll fraud, DDoS attacks on PBX systems and caller ID spoofing.