Welcome to the VB2021 conference!

arrow left Back

STK, A-OK? Stopping messaging attacks on vulnerable SIMs

Cathal Mc Daid (AdaptiveMobile Security)
The Simjacker SMS attack showed how surveillance companies are using binary SMS to gain access to vulnerable SIM Card (UICC) applications on mobile devices for surveillance purposes. However there has been no in-depth follow-up since the research was revealed on what has changed, nor has there been an analysis of other potentially vulnerable UICC applications.

In this paper, we give a recap of the principals of the Simjacker attack and how it works. First, we will go into detail on what binary SMS are and their frequency in mobile networks. We will then outline details of other, previously undiscussed, UICC applications that have characteristics that mean they may also be vulnerable to attacks via UICC-destined binary SMSs, as well as their scale and distribution.

In the second part of this paper we will share new details from our experiences in detecting and blocking UICC-destined SMS attacks that exploit the Simjacker vulnerability – including the impact on the industry and on the attacker of releasing public information. We also cover information on a new attack delivery method used by the Simjacker attacker, as well as the scale of their attacks. This will show how these types of attacks are very much ongoing, and the importance of intelligence in stopping them.

Finally, we will explain what the mobile operator community has done since the release of the original Simjacker research, and what needs to be done in the future.
Cathal Mc Daid
AdaptiveMobile Security

Cathal Mc Daid is the CTO at AdaptiveMobile Security. He is one of the world’s foremost experts in mobile network security, where his recent achievements include the discovery of the Simjacker vulnerability. As CTO his role is to define the technology strategy and long-term technical vision, as well as to lead the team responsible for applied research in the fields of cybersecurity & mobile networks. His pivotal work in the industry has been recognized by the GSM Association where he is editor of the SS7 Interconnect Security Guidelines (GSMA FS.11) and editor of the new 5G Interconnect Security Guidelines (GSMA FS.36). With over 16 years’ experience in telecoms, messaging and security, he is a frequent contributor to business and technology media and is a regular speaker at industry events.