Telecommunications are key in nowadays societies. They represent the backbone, the primary infrastructure based on which our society works and constitute the main instrument in allowing our democracy (and other EU core values such as freedom, equality, rule of law, human right) to function properly. As a consequence, here in ENISA (the EU cyber security agency) we consider assuring the security of our infrastructure as a top priority. The present study has deep dived into a critical area within electronic communications, the security of interconnections in electronic communications (signalling security). Based on the analysis, at this moment there is a medium to high level of risk in this area, and we do consider that proper attention must be granted by all stakeholders involved so as to find a proper solution. As mobile technologies evolve so does the threat landscape. Early generations of mobile networks 2G/3G rely on SS7 and its IP Version SIGTRAN, a set of protocols designed decades ago, without giving adequate effect to modern day security implications. Nobody at that time envisioned the scale that mobile networks could reach in the future, so trust and security were not issues. Nonetheless at the moment we are still using this legacy set of protocols to assure the interconnection between providers. The industry and security research community has started covering the topic, by providing good practices and necessary tools. But still, a lot more has to be done. Basic security measures seem to be implemented by more mature providers, but these measures assure only a basic protection level. More efforts need to be made so that an optimal protection level is achieved. Current telecommunication mobile generation (4G) uses a slightly improved signalling protocol called Diameter. Build with the same interconnect principles in mind but on an IP base, the protocol has been proved vulnerable. The industry is still trying to understand exact implications and to identify possible workarounds. Attackers are also in the same phase. It is our impression that the next step will be made soon. As soon as SS7 becomes sufficiently protected their focus will change towards the new attack surface. 5G, the new mobile generation, is still under development. Early releases from some manufacturers are available but the standards are still in their infancy. Nevertheless there is a certain risk of repeating history. Given the improvements that 5G will bring (more users, more bandwidth etc.) having the same security risks could be extremely dangerous. This document represents an EU wide (and not only) assessment of the current situation. We have analysed areas like types of attacks and their frequencies, security measures in place, available best practices and other constraints so that we can get an overall picture of signalling security in Europe. As you will notice in the document, further efforts are needed at global level to tackle current threats and prevent future similar situations. Special attention must be granted by different stakeholders involved so that an adequate level of protection is achieved across EU.
