RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
Saturday, July 18, 2026
RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
Add RCR Wireless as a preferred source on Google
  • Qualcomm 6G Insights
  • Huawei Content Hub
  • Qualcomm – 6G Vision
  • OSS/BSS Channel
  • RCRTech Roundtable: AI Infrastructure
RCR Wireless
RCR Wireless
  • Advanced Mimo
  • Mobile mmWave
  • 5G Positioning
  • Green Networks
  • Metaverse
  • Automotive
  • Industrial and Wide-area IoT
Copyright 2021 - All Right Reserved
Home - Reader Forum: Operators must think security first to prevent catastrophic network breaches
OpinionReader Forum

Reader Forum: Operators must think security first to prevent catastrophic network breaches

by Martha DeGrasse February 27, 2017
written by Martha DeGrasse February 27, 2017 Share
LinkedinEmail
Share 0LinkedinEmail
Nokia
57

Telecom networks operate in two different planes: the user plane and the control plane. The user plane – also known as the “bearer” plane – is where all user data (voice, data, video) is carried. The networks manage user sessions and authenticate devices and subscribers using the control plane. The control plane is also interconnected with other networks to support roaming when we travel.

Networks once used dedicated circuits to connect to other networks (such as T1/E1 circuits). These dedicated circuits carried a level of inherent security because they were assigned to a physical building address and could not be easily moved around. As the address of the termination point for the circuit was well recorded, it was extremely difficult for abusers to hide. This method of interconnection between networks prevented unauthorized access into both wireless and fixed line networks.

Around 2000, however, we began migrating our networks to an all-IP infrastructure. This had a profound effect not only on the transport network, but on interconnections as well. IP circuits can be accessed from anywhere, exposing the network to new threats. Still, there was a certain level of skill and expertise required to connect to a telecom network and use it for any nefarious activity. Only telephone companies and their engineers possessed this expertise. Specifications for these networks and their underlying protocols cost thousands of dollars, providing yet another barrier to would-be hackers.

Eventually, knowledge about these networks and the technology used in these networks became widespread, including through university curriculum for engineers. Specifications and standards are now free to anyone through the internet. These specifications have become available to everyone and what was once proprietary knowledge has become public knowledge.

Researchers have demonstrated that anyone with a laptop can access a communications network and attack subscriber sessions. They can steal sensitive personal information such as location, and hijack conversations and text messages. Tools, services and products are now available to automate this for those not ready to learn.

Given the increase in telecom network attacks, the telecom industry must begin taking a new approach to security. Let’s examine how communications networks can be exploited today, based on evidence now being shared among service providers and based on findings from various researchers.

The first step to exploiting the network is getting access. This can be done through service providers who are selling direct access to their networks – in some cases for as little as $1,000 per month. These are typically smaller operators in developing markets, who view this as necessary revenue, even though they know that selling direct access may compromise networks all over the world.

It is extremely difficult to single out these operators and prevent them from accessing other networks because blocking traffic from these networks puts their subscribers at risk. However, the industry needs to come up with a better way to manage direct network access and associated risks from these complicit operators.

The dark web reveals there are more sources for gaining access to telecom networks besides through other service providers. There are now many types of companies that have negotiated network access to deliver content, location services, texting services and more. On the dark web, some of these companies are selling access to more than 600 networks for a nominal fee.

Getting access to telecom networks has become very easy – and once access has been provided from one provider a hacker can access all of the other interconnected networks. The entire roaming ecosystem is now at risk.

After gaining network access, a hacker needs his own network. This was a barrier previously, but now hackers can obtain a number of open source tools that allow them to emulate a complete network on a simple Linux laptop. Many of these products are used in lab environments for testing by equipment vendors, but this is also how researchers are able to send commands into remote networks for control of subscriber sessions.

Researchers have already demonstrated a handful of network exploits and there are definitely more to be found. If a rogue nation or terrorist organization can access the control plane of any network in the world, well, Houston we have a problem.

Most of the media attention on this topic has focused on SS7 protocol, as if this was the only technology at risk. This could not be further from the truth, yet a lot of focus has been placed here because all of the research has focused on SS7. We are now seeing the same attacks being demonstrated on diameter networks and we can only expect this exposure to continue.

There is also a belief within the industry that there is very little of this type of activity happening in real networks today. This is something we hear in the fraud industry often – there is no need to fix something that has such low risk. But in this case, while there may be few instances, the stakes are much higher. If the target is high profile and an attack is launched against that target, the fallout will be severe and possibly dangerous. The industry cannot afford to take a “wait until it happens to us” attitude when it comes to this type of security vulnerability.

The good news is there are plenty of things that operators can do today to secure their networks and prevent exploits of this nature. Implementing access controls is a basic tenant of good IT practices and all operators should restrict the level of access any entity has into the network to prevent wide-scale abuse.

This is a principle that the telecom industry has not yet learned because we have always operated under a model of trust. However, this is no longer the case.

Every type of network uses gateways for access. In the voice-over-IP domain, session border controllers provide a gateway function with the ability to restrict the level of access by other networks. In fixed line, 2G and 3G networks, the signaling transfer point acts as a gateway into the control plane of the network, preventing unauthorized access into the network.

In 4G networks, the control plane uses a new protocol called diameter. In these networks, a diameter signaling router provides an important function defined by the GSMA as the diameter edge agent. The DEA also provides the ability to implement access policies through comprehensive filters preventing unauthorized messages from entering into the network.

Content providers and other “over-the-top” partners have also been given full access to the control plane of a network, but this is not necessary. They should be managed through an API providing access to information through a tightly controlled interface. Services gatekeepers for API management should be used in all cases where an operator is providing a connection to a partner that is not operating a regular telecom network.

Researchers and industry experts agree that these gateways are the access points into the network, and as such the best place to implement access policy. But unlike the direction we see many operators trying to take, not every single control message needs to be filtered or defined.

The best approach to securing the network is to think about each of the exploits and how they are implemented. The exploits we have seen to date require a number of different commands and messages to be successful, yet if one message fails, the entire exploit is thwarted. This is a critical concept to understand.

Rather than try and address every message in a control protocol, it is much more efficient to address each of the known exploits first. This will allow an operator to quickly secure the network from known vulnerabilities and provide much-needed security to its high profile subscribers immediately. Over time, the operator can then look at treatment for other commands and whether or not they should be allowed by specific partner networks.

Network security has never been more important than it is today. There is increasing evidence that communications networks are being compromised and used for tracking the location of individuals, eavesdropping on conversations and intercepting text messages. It is this author’s belief there is yet more to come and organizations need to plan accordingly. Never has it been more important to invest in the security of the network than it is today.

Editor’s Note: In an attempt to broaden our interaction with our readers we have created this Reader Forum for those with something meaningful to say to the wireless industry. We want to keep this as open as possible, but we maintain some editorial control to keep it free of commercials or attacks. Please send along submissions for this section to our editors at: [email protected].

You Might Also Like
  • Thursday (telco diary) | Satellite versus terrestrial
  • Wednesday (telco diary) | What telcos want – and why they wait
  • Tuesday (telco diary) | Ericsson holds the line
  • The (agentic) future of AI-to-AI connectivity (Reader Forum)
  • Monday (telco diary) | Consolidation, orchestration, automation
  • Netgear’s quiet reinvention as a B2B and SaaS company (Analyst Angle)
Share 0 LinkedinEmail
Martha DeGrasse

Martha DeGrasse is the publisher of Network Builder Reports (nbreports.com). At RCR, Martha authored more than 20 in-depth feature reports and more than 2,400 news articles. She also created the Mobile Minute and the 5 Things to Know Today series. Prior to joining RCR Wireless News, Martha produced business and technology news for CNN and Dow Jones in New York and managed the online editorial group at Hoover’s Online before taking a number of years off to be at home when her children were young. Martha is the board president of Austin's Trinity Center and is a member of the Women's Wireless Leadership Forum.

previous post
Deutsche Telekom plans to launch commercial NB-IoT in European markets this year
next post
Sprint partners with Nokia, Ericsson to bolster LTE, set table for 5G

White Papers

  • Norton eBook: The 2026 Telco Playbook

  • Enea White Paper: Why Intelligent AAA is the Swiss Army Knife of Telecom

  • CSG White Paper: Telco AI Enabler: Mediation’s Defining Role

  • Enea White Paper: Scalable Database Design for 5G and Beyond

  • Supermicro and NVIDIA Whitepaper: Powering sovereign AI at scale

Editorial Reports

  • Nvidia Report: The State of AI in Telecommunications: 2026 Trends

  • Report: Scaling Optical Networks For The Hyperscale And AI Era

  • Test And Measurement Market Pulse Report

Webinars

  • Webinar: Building 6G — aligning technology, policy and purpose

  • SIMCom Webinar: Scaling your next deployment – from plastic to provisioning

  • Webinar: Rethinking the RAN as AI, cloud and openness converge

  • Webinar: Scale-Up, Scale-Out, Scale-Across – Building AI-Era Network Fabrics

  • Webinar: NTN in motion – evolving standards, expanding services

Since 1982, RCR Wireless News has been providing wireless and mobile industry news, insights, and analysis to mobile and wireless industry professionals, decision makers, policy makers, analysts and investors.

Facebook Twitter Youtube Linkedin Envelope Rss

Useful Links

  • Subscribe
  • About RCR Wireless News
  • Contact Us
  • Advertise
  • Editorial Calendar
  • Archive
  • RSS
  • Wireless News Archive
  • Subscribe
  • About RCR Wireless News
  • Contact Us
  • Advertise
  • Editorial Calendar
  • Archive
  • RSS
  • Wireless News Archive

Edtior's Picks

Red Hat outlines AI-RAN roadmap
Ericsson wins role in £8bn UK’s defense upgrade as private 5G moves to...
Thursday (telco diary) | Satellite versus terrestrial

Latest Articles

Red Hat outlines AI-RAN roadmap
Ericsson wins role in £8bn UK’s defense upgrade as private 5G moves to frontline
Thursday (telco diary) | Satellite versus terrestrial
The Agentic Network — Deutsche Telekom on APIs for trusted AI

© 2026 RCR Wireless News All Right Reserved. Developed by Eight Hats.

Cookie Policy | Privacy Policy

RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
@2020 - All Right Reserved. Designed and Developed by PenciDesign