Mobile Network Hacking, IP Edition presented at BlackHatEurope 2019

by Karsten Nohl, Luca Yazdanmehr,

Summary : Mobile networks have gone through a decade of security improvements ranging from better GSM encryption to stronger SIM card and SS7 configurations. These improvements were driven by research at this and other hacking conferences.Meanwhile, the networks have also mushroomed in complexity by integrating an ever-growing number of IT technologies from SIP to WiFi, IPSec, and most notably web technologies.This talk illustrates the security shortcomings when merging IT protocols into mobile networks. We bring back hacking gadgets long thought to be mitigated, including intercepting IMSI catchers, remote SMS intercept, and universal caller ID spoofing.We explore which protection measures are missing from the mobile network and discuss how to best bring them over from the IT security domain into mobile networks.