BSides Toronto 2020

New Era in Telecom Hacking
10-18, 16:00–16:40 (US/Eastern), Twitch

This talk focuses on the implementation of new security hardening in mobile networks, as well as detection techniques and bypass methods. The scope of the illustration includes both the radio and signaling core networks.
Mobile telecom networks are among the most complicated networks. They consist of several segments, including signaling, charging, packet data, and radio. Even though telecom companies enable security mechanisms and deploy security devices, there are still many security holes that allow attackers to compromise the network. In this talk, I will cover common high-tech security solutions used by telecom operators, all the ways to detect and then bypass them, and security recommendations to prevent these activities.


I will start the presentation with recent telecom abuse and related hacking news in 2019. In the next section, I will cover common mobile network vulnerabilities and architecture. After that, I will illustrate the security of the radio access network (RAN) and the bypass scenarios and techniques, as below:
1. Mobile Phone Registration (IMEI policies) Bypass
2. Bypassing Unrevealed Ciphering Algorithms
3. LTE/LTE Advanced Bypass
The next part of the talk will be devoted to the Circuit Switch network (Signaling), and the technical bypass techniques are as below:
1. Home Routing Detection
2. Bypassing Home Routing
3. Signaling Firewall Detection
4. Bypassing Signaling Firewall
In the final section, I will explain security solutions to defend against these malicious techniques.

Ali Abdollahi is a cyber security expert with over 8 years of experience working in a variety of security fields. Ali is a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit development, red-teaming, secure coding, and more, giving him ample opportunity to use his skills in a diversity of ways. In addition, he is an instructor, author, and member of the board of review at Hakin9. Ali is a self-confessed bug hunter and publisher of many vulnerabilities and CVEs. He is a regular speaker and trainer at industry conferences such as BSides Budapest, BSides Dublin (cancelled due to Covid-19), c0c0nXII, TyphoonCon (SSD), Cyber Junegle, Confidence, ISACA Euro CACS 2020, OWASP Appsecdays, and DefCon.