BLACK TIGER
SECURE Local Cellular Service Provider
Threats and vulnerabilities of modern communication systems There is a number of major issues that make the use of mobile communication devices in government buildings potentially threatening to information security (especially confidential information leaks and breaches):
Foreign intelligence services can use open data collected via studying calls and movements of employees within the building in order to extract valuable information
Unauthorized mobile devices carried by employees and visitors
Uncontrolled calls which result in data leaks
Viruses carried via phones and data storage devices like USB
SS7
Attacks via SS7 protocols stack
SS7 is a set of protocols allowing phone networks to exchange the information needed for passing calls and text messages between each other and to ensure correct billing. Major SS7 vulnerability is caused by the fact that all requests received by the network is considered legitimate. A hacker with access to SS7 can send a request for location of any user, as well as redirect the victim’s call and eavesdrop. Interception of messages may allow access to personal information, social networks accounts, internet banking. Data stealing
Eavesdropping
Location identification
Who is affected by the vulnerability? Should a hacker gain entry to the SS7 system on any number of networks, anyone with a mobile phone could be vulnerable. What’s being done about it? Since the exposure of security holes within the SS7 system, certain bodies, including the mobile phone operators’ trade association, the GSMA, have set up a series of services that monitor the networks, looking for intrusions or abuse of the signalling system. Nothing is hack-proof, however, and their success will likely be on a network-by-network basis.
OUR SOLUTION A system that allows to build local GSM-network with following functionality:
Tracking Real time mobile phones tracking in the local area (IMSI, IMEI, activity).
Private network Local calls and local text messages to phone in the area.
Autonomy Local calls between phones in the area without bounding to real mobile operators.
Whitelisting Selective mobile phones blocking in the area according to white list/black list policy.
Corporate voice usage is picking up the pace faster than a bullet. Employees prefer a single handset for personal and professional use and no longer want to bear the burden of outdated intercom connections. With our solution, it is completely safe to pass sensitive information using your personal phone.
4
Implementation Methods Leopard Industrial case
• A Complete Network in a Box Mobile Voice, Data & Messaging Solution • Weight: Approx 5 kgs. • Dimensions (HxWxD in mm): 350 x 275 x 95
Jaguar Office case • A Complete Network in a Box Mobile Voice, Data & Messaging Solution • Weight: Approx 5 kgs. • Dimensions (HxWxD in mm): 350 x 275 x 95
Lion
Mobile case • A Complete Network in a Box Mobile Voice, Data & Messaging Solution • Weight: Approx 5 kgs. • Dimensions (HxWxD in mm): 350 x 275 x 95
Proposed solution to governmental buildings: deployment of a secure local cellular operator Mobile operator inside a dedicated building Mobile operator is working only inside a designated building, all calls are carried out without the external cellular operator which is very important when one takes into account that cellular providers have many security flaws Secure local provider cells are placed inside the building Zone isolated from external cellular provider and thus from SS7 attacks
Calls carried out inside the building
Different protection policies for different rooms and floors Security officer can switch off connection to users if they are not in white list. Users phones can be switched off in different rooms or on different floors depending on their status in white list. Security officer can modify access to various settings and functions: GSM-connection, SMS.
To become whitelist user any guest or employee must install DMM client (Android/iPhone OS are supported). Not whitelist phones are detected by system and taken away by security officer.
Building GSM security Different categories on different floors
Secure elevator When the elevator stops, the security service sees the status of all user mobile phones (white list, black list) on a dedicated panel/monitor
Perimeter security Special telecom scanning system is installed in checkpoint building to scan incoming cars.
Telecom security equipment allows to scan all persons coming to secure perimeter and detect their mobile phones. The method combined with CCTV system makes perimeter security more efficient.
Security Officer can see all IMSI/ IMEI of phones coming in cars to checkpoint
Connection of territorially distributed objects Operator can cover two buildings in different countries
Secure channel over the Secure Internet
Local secure operator zone 1 Local secure operator zone 2
Interface for developers and integration Our system can be easily integrated into Security Operation Center, can work with any systems through well documented and simple API interface. Interface of system
Device has WEB
API, which allows to make your own modules, scripts and interfaces.
Module of system
BLACK TIGER info@blacktg.com www.blacktg.com