Looking for telecom partners across Africa! See more

Company
Products
Clients
Contacts
Company
About
News
Partners
Products
Clients
Contacts
  • Main
  • /
  • News
  • /
  • Internal operator network security problems and methods to address them
29 August 2024

Internal operator network security problems and methods to address them

When the internal stack of communication protocols between telecom operators was developed, it was assumed that all operators were trusted message sources, and external penetration was impossible due to the high equipment cost. As traditional telephony is being replaced by IP telephony, equipment is becoming more affordable and cheap. Thus operators' internal networks are at risk of an external attack. At any PC, you can install a couple of free-ware applications and, with knowledge of the SS7 protocols and basic programming skills, penetrate the network.

The most widespread manipulation of SS7 protocols is sending illegal messages. The problem of SMS spam and fraud is relevant both for subscribers and for mobile operators. The damage from various types of fraud is obvious. Operators may face a decrease in customer loyalty, which is a blow to their reputation. Due to the huge amount of illegal messages, the costs for maintaining the communication quality increase. Business plans for revenue from legal M-commerce advertising campaigns are disrupted. Because of the breach of trust, subscribers turn down operators' new services, which also results in losses.

At first glance, the most obvious way to deal with SMS fraud could be eliminating vulnerabilities in the SS7 protocol itself. But the development of a new protocol stack with built-in security features will require updating the equipment and adapting the entire mobile operator infrastructure. Therefore, it is more reasonable to develop products that are integrated into the existing network.

One of the most effective means of protection, which implements methods for detecting, preventing, and blocking attacks on signal networks, is the SC.SMS Firewall. SC.Soft has broad and profound experience in solving security issues of mobile operators' networks. Within 10 years since the product was developed, more than 15 platform installations have been performed in the operator networks in the CIS, Asia, Europe, and the Middle East.

The SMS Firewall platform is designed to solve the following tasks:

  • Protecting from attacks.

  • Detecting «grey» routes and increasing revenue from A2P traffic.

  • Collecting statistics to develop a strategy for A2P traffic monetisation.

  • Protecting your own roaming subscribers from unwanted traffic.

  • Protecting subscribers' personal data.

SC.SMS Firewall is based on SMS Home routing technology. The platform is integrated into the operator’s network as a separate node with its own GT. Home routing is configured on HLR so that all SRI requests are redirected to SMS-FW. It allows you to intercept and monitor all incoming messages (P2P, A2P) from any source and decide whether to deliver or block them. If the operator’s switching equipment has limitations that do not allow Home routing use, other installation options with a flexible approach to problem-solving are available.

Thanks to various rules for analyzing and filtering SS7 traffic, the platform protects against external security threats. The GSM Association IR. 70 document «SMS SS7 Fraud» provides an extensive list of manipulations with SMS traffic, including Spam, Spoofing, Smishing, Malware, Flooding, Grey Routing, Mobile Terminated Faking, Sim Farm, and many others. Let’s address some of them and briefly describe the SC.Soft platform SC.SMS Firewall mechanisms for their detection and blocking.

Smishing (SMS Phishing). This form of illegal activity combines SPAM, SMS sender number substitution, and social engineering to access online systems, accounts, credit card data, passwords, etc.

SMS phishing detection includes content filtering to identify specific senders and SMS text analysis using keywords or phrases. As a rule, unsolicited messages contain some advertisement or a call to action, so the filter is configured for «trigger» words. If a message text contains a certain pattern then the specified error will be returned.

Flooding. A huge number of messages are sent to one or more destinations, usually using special software — SMS-bomber. It can be used for a psychological attack or as a tool for distracting the victim’s attention during other attacks (for example, hacking social networks or stealing personal data, funds from the card). SMS-flooding also increases the load on the operator’s resources, up to the signal network failure in extreme cases.

The platform SC.SMS Firewall offers the following mechanism for detecting and blocking SMS flooding. Once in a certain time interval (for example, once in 10 seconds), statistics data containing certain criteria are taken from the platform database. The criteria can consider the following message attributes: number A, number B, message text, source MSC GT, source SMSC GT. For the senders, whose statistics have exceeded a certain threshold, a prohibiting rule is created.

Grey route is an unauthorized channel for sending A2P messages.

SC.SMS Firewall detects messages coming from unauthorized channels using GT/sendlerID black/white lists. Data analysis is carried out in real time, allowing you to recognize «grey» routes quickly and check the relevance of all agreements on internetwork connections. The platform allows collecting statistical data to develop a successful strategy for monetizing A2P traffic.

The possibility for simultaneous use of various mechanisms for detecting unwanted traffic and flexible processing logic makes the platform SC.SMS Firewall a powerful tool for protecting the operator’s internal network. SC.Soft is constantly working to improve its products using the latest scientific research results and best market practices. The module with Artificial Intelligence (AI) backed traffic analysis is a unique SC.Soft development, which takes security to a new level. Artificial intelligence technology allows you to conduct a deep analysis of all SMS traffic, identifying suspicious activities, «grey» routes, «SMS farms.» The key advantage of the AI module is the ability to «self-study.» While performing the tasks, AI does not rely on the initially specified logical schemes and algorithms only but builds complex decision-making patterns («neural networks») based on the data obtained and previously performed tasks.

# SMS_Firewall
Other news
All news
26 June 2026
# products
SC.Soft Updates the USSDC Platform

SC.Soft has released a functional update to its USSDC platform, expanding operators' capabilities for launching and developing USSD-based services.

24 June 2026
# events # partners
SC.Soft Joins GSMA Open Gateway as a Channel Partner

SC.Soft has signed the GSMA Open Gateway Memorandum of Understanding and joined the initiative as a Channel Partner.

29 May 2026
# partners
SC.Soft Launches Partner Program for the African Market

Inviting agents, direct partners, and systems integrators to long-term collaboration across African telecoms.

Subscribe to our newsletters

Please share your email and we’ll keep you informed about our new products and events. We promise, no spam:)

Company
About
News
Partners
Products
Clients
Contacts

product@soft.sc

Personal Data Processing Policy
Политика использования файлов cookie
© SC.Soft, 2026