Legacy Systems and Services Risk Reduction
In the Technology Transitions Order, the focus is on the shift from TDM-based technologies to all-IP networks, highlighting the risks from legacy and modern communication technology integration. The group aims to assess threats, defensive measures, and provide recommendations to tackle vulnerabilities in protocols like SS7 and Diameter. Key members from various tech companies collaborate to achieve the projected deliverables by March 2017, including a Risk Assessment report.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Working Group 10: Legacy Systems and Services Risk Reduction Status Update September 14, 2016 John Kimmins, Co-Chair, iconectiv Danny McPherson, Co-Chair, Verisign FCC Liaison: Steven McKinnon
WG10 Objectives Working Group Description: In the Technology Transitions Order of August 2015, the Commission notes that communications are rapidly transitioning away from TDM-based technologies to new, all-IP multimedia networks. The intermingling of legacy communications technologies with advanced communications technologies introduces new threat vectors and cyber risk. Recently, this issue has gained greater attention in light of the security threats to Signaling System 7 (SS7) and its IP based version SIGTRAN, a signaling protocol supporting call setup, routing, exchange, and billing functions in communications networks by sending messages between fixed and mobile communications service providers. The scale of SS7, which is used by carriers all over the world, means that every network subscriber could be vulnerable to these security risks. As part of a series of requests to CSRIC, the Commission asked CSRIC to examine vulnerabilities associated with the SS7 protocol and other key communications protocols (e.g., Diameter). CSRIC Working Group 10 will assess existing and potential threats and current defensive mechanisms and make recommendations to the FCC on how to overcome security challenges present in SS7 and other communications protocols used between communications networks and their impact on the transition to next generation networks. The first step is the development of a Risk Assessment and Summary Report as described herein. Deliverables: Risk Assessment by December 2016 and Risk Mitigation Strategies Summary Report and Recommendations by March 2017. 2
WG10 Members John Kimmins, Co-chair (iconectiv) Danny McPherson, Co-chair (Verisign) Drew Morin, Director, T-Mobile Tim Lorello, President & CEO Seculore Solutions LLC Travis Russell, Director, Oracle Kathy Blasco, Communications Assessment Lead, DHS\NCCIC Mohammad Khaled, Nokia David Nolan, Electronics Engineer, DHS John Gallagher, Sprint Kathy Whitbeck, Director, Nsight John Marinho, Technology & Cybersecurity, CTIA Philip Linse, Director, Public Policy, CenturyLink Xiaomei Wang, Technical Lead, Verizon Wireless Kevin Briggs, Chief of Continuity Assessment and Resilience, DHS\NCCIC Martin Dolly , ATIS Mark Easley , AT&T Nilesh Ranjan, MTS/Director Systems Design and Strategy Engineering, T-Mobile FCC Liaison: Steven McKinnon 3
WG10 Deliverables Assessment Outline September 2016 Risk Assessment Report Initial Draft - October 2016 Final Draft - December 2016 Summary Report & Recommendations March 2017 4
Expert Outreach Industry Subject Matter Experts - Outreach Silke Holtmanns, Nokia-Bell Labs Aug. 18th Karsten Nohl, SR Labs October 13th James Moran, GSMA October Summary Current Environment Standards Global perspective Threat landscape Mitigation & Counter Measures 5
Risk Assessment Outline Overview of SS7 Background & History Application to Wireline Networks Generic Architectural Overview Relevant Standards & Protocols Transition to New Technology Application to Mobile Network Generic Architectural Overview Relevant Standards & Protocols Transition to New Technology (e.g. DIAMETER) and interworking between SS7 and DIAMETER Reported Threats and Risks Unauthorized Access (e.g. masquerading as a Carrier) Wireline Mobility Use of commercially available interception and tracking technologies Example Use Cases Impact CI Sectors Assessment of Reported Threats and Risks Definition of Terms Targeted Assets (e.g. network nodes, network information) 6
Risk Assessment Outline (cont) Assessment of Reported Threats and Risks (Continued) Threat Vectors & Threat Models Network Impact Services and Information Impact End-User Impact Caller ID spoofing IMSI Catchers Use of commercially available interception and tracking Prioritization/Likelihood/Scope of Threats Current Security Capabilities & Risk Mitigation Scenarios Protections, Detection & Defenses Standards & Practices Tools (e.g. SS7 Firewalls, Gateway Screening, Data Analytics, Network Assessment, Penetration Testing, Reported Security Maps/Services) Network Interconnection Carriers, Aggregators Global Inter-Carrier Roaming Global Assessment Summary Conclusions Items to consider for Risk Mitigation Recommendations 7
Next Steps and Activities Continue documenting initial Risk Assessment draft Continue weekly conference calls SME Presentations hosted Continue to gather specific threat analysis, current practices and assess risks Leverage industry expertise & standards/forums relevant material Provide updates to Steering Committee and Council 8
