Telecommunications Security Watch - 1
RESEARCH - MALWARE - MESSAGETAP - APT41
- MESSAGETAP is malware discovered by FireEye. Its purpose is to collect SMS data directly from the SMS-C.
- Only the SCCP, SCTP, & TCAP protocols are tapped.
- An SMS is intercepted if at least one of these three criteria matches: the message content includes a watched keyword; the IMSI number is on the watch list; the source and/or destination phone number is on the watch list.
- Source: MESSAGETAP: Who’s Reading Your Text Messages?
RESEARCH - VULNERABILITY - You use it to go online, I use it into your intranet! Chunghwa Telecom data machine remote code execution vulnerability
- Orange Tsai discovered five vulnerabilities in the Chunghwa Telecom home modem (HiNet GPON), which he estimates can affect more than 250,000 devices.
- These vulnerabilities allow an attacker on the Internet to gain access to any local network behind a vulnerable modem and to execute code with root privileges.
- Source: You use it to go online, I use it into your intranet! Chunghwa Telecom data machine remote code execution vulnerability
RESEARCH - 5G - 5G IMSI Catchers? Exploiting vulnerabilities in 5G access network protocols
- Presentation given by Ravishankar Borgaonkar & Altaf Shaik at the SEC-T conference
- Source: 5G IMSI Catcher? - Exploiting vulnerabilities in 5G access network protocols
POLICY - U.S. Senate hearing on “Supply chain security, global competitiveness, and 5G”
- The U.S. is aware of its weaknesses in the 5G domain. It plans to finance open source projects to establish a strong adversary against other parties.
- This move is interesting: the U.S. can't lead in 5G, so it wants to fund options and use them to set standards, not by force but through the most-used technologies.
- Source: Supply Chain Security, Global Competitiveness, and 5G
POLICY - RUSSIA will try to disconnect from the Internet
- Decree of the Government of the Russian Federation of October 12, 2019 No. 1316 “On approval of the Regulations on conducting exercises to ensure the stable, safe and holistic functioning of the information and telecommunication network ‘Internet’ and the public telecommunication network in the territory of the Russian Federation”
- Russia official publications site
WHITEPAPER - Precision planning for 5G era networks with smallcells
- The paper aims to give some best practices for locating small cells.
- The paper is more focused on the commercial aspect (ROI) but has some interesting insights, like the spectrum mess in HetNets (Heterogeneous Networks) caused by multi-RAT technologies.
- Despite the hype, machine learning can be useful in the design of HetNets, as the whitepaper shows for the Manhattan district.
- Source: WP-PDF: Precision planning for 5G Era networks with small cells
5G DEPLOYMENT - Australia’s second largest telco Optus launches 5G Home broadband plan
- Optus, estimated to have around 300 sites for 5G, launches its 5G network for home broadband.
- Optus's ambition is to reach 1200 sites by the end of March 2020.
- The launch is interesting, but the coverage is limited to some cities and does not include indoor coverage, which is the most complicated to achieve.
- Another interesting fact is that Optus only provides the Nokia 5G modem: Nokia FastMile 5G Gateway.
- Source-1: Optus expands 5G broadband and mobile offers
- Source-2: Nokia FastMile 5G Gateway - Technical Specifications
INTELLIGENCE - Russia suspected internet cable spy ship Yantar appears off Americas
- Yantar, a ship suspected of spying on undersea SCC (Submarine Communications Cables), was seen around the Americas recently.
- Despite sailing on an oceanographic mission, this ship is better known as a Russian intelligence ship whose purpose is spying on the SCC for the GUGI.
- Source-1: Russia’s Suspected Internet Cable Spy Ship Appears Off Americas
- Source-2: Yantar analysis
TOOL - SCADA Default Password (SDPD)
- CRITIFENCE published a web portal where we can find SCADA default passwords (like for routers, for example).
- Source: SCADA Default Password (SDPD)
INFORMATION - Internet shutdowns
- India shuts down internet in Aligarh on eve of 70-year Ayodhya land dispute verdict
- Iraq shuts down internet again as protests intensify
Postscriptum
If you spotted errors, missing information or anything you want to report, feel free to contact me on Twitter: @SwitHak
SwitHak