Every day, surveillance companies attack mobile networks, attempting to track the location of mobile phone users. We will analyze, using real-life data, these surveillance companies’ tactics and show the different ways that users are tracked in the wild over 2G, 3G and 4G networks. For 5G, we describe the critical functions and information elements in the core network that might be targeted by these attackers.
Mobile core signaling networks have been known to have exploitable vulnerabilities for several years. However very little information has been presented on whether these vulnerabilities are being exploited in real-life or not, and if so, how it is being done. This presentation will give first-hand information about how location tracking – the most common form of mobile signaling attack - is being done over multiple types of mobile networks in the wild today.
We will start with briefly introducing mobile telecom networks, their known security flaws and how surveillance companies exploit these flaws. Surveillance companies are success oriented and have a toolbox which they use for location tracking of mobile phone users, which is the most common attack. Based on real-life experiences we will describe what “tools” we see in the wild and how they work. We will also describe how attackers optimize attacks based on the target network and technology, and how attacks have changed over time since some mobile operators have begun to put in place protections. We will also show a visualization of how these attacks can happen. Finally, we will make a projection for 5G core networks, and how they will also be targeted by surveillance companies as they are deployed globally over the next few years.