During the game, attacker teams will be able to probe the security of telecom systems identical to those used in real cities.
Attackers will have plenty of interesting targets, including a telecom operator, Internet provider, residents who actively use cell phones and the mobile Internet, plus IoT and VoIP devices. The battleground: the full-scale digital infrastructure of a mock metropolis. Of course, the forum will also include The Standoff, a 30-hour cyberbattle in which teams of attackers, defenders, and security operations centers fight for control of a virtual city.
To take part, bring your own Osmocom, SDR, virtual machines, and other necessary equipment. The two participants completing the most tasks will win prizes.
Intercept the airwaves of our on-site mobile operator. Today's phreakers are still targeting telecom companies-and you can become one of them thanks to MITM Mobile.
Later at 11:00 a.m., Vadim Yanitskiy and Warsaw University of Technology graduate student Piotr Krysik will describe how to use open-source software (OsmoBTS or OpenBTS) to turn an SDR into a GSM mobile phone. He will also describe successful test attacks he has performed in these environments. The speaker will share results of security audits conducted for different MNOs. At 10:00 a.m., Sergey Mashukov will speak on the topic " Exploiting vulnerabilities in the 4G Diameter interoperator network," which will detail security issues with the Diameter protocol. On May 15, technical talks in the Press Hall will be given by Positive Technologies telecom security experts. In addition, the test stand will provide a chance to practice exploiting SS7 vulnerabilities, using protection tools, intercepting and eavesdropping on GSM traffic, and putting SDRs to use. Visitors can follow the actions of the "attackers" on large screens, as well as see how this is monitored and logged by PT Telecom Attack Discovery. Positive Technologies telecom security experts will demonstrate popular methods for attacking mobile subscribers: IMSI disclosure, geotracking, SMS interception, and call redirection. The forum venue will also have its very own mobile network, for testing and hacking purposes. The speaker will tell about threats to the connected world and the weaknesses lurking in today's smart cities, transportation, and electrical grid. On May 15 at 2:00 p.m., Positive Technologies Director of Telecom Security Dmitry Kurbatov will give a talk entitled " Telecom security: getting better or worse?" (Seliger Hall). Concerns abound: SIM cards carrying viruses, SDRs and IMSI catchers, tracking and eavesdropping via SS7, denial of service on LTE networks, and over-the-air GSM eavesdropping, to name a few. Connectivity has brought convenience and efficiency, but not security. A payment terminal in a café, an alarm system in a country house, a gas meter, a truck driving down a highway-all these now have a SIM card inside. Today it's hard to find an industry that does not depend on mobile network operators. Read on for an overview of PHDays contests and talks covering all aspects of telecom security. At Positive Hack Days, we invite you to learn about the vulnerabilities in mobile networks and try to hack a mobile operator that we've set up specially for the event. Security in the mobile industry is making headlines: eavesdropping, SMS interception, spoofing, and SIM card hacking are only a few of the possible attacks.
Publication date: Telecom security at PHDays: we've got you covered