In October 2005, researchers from Pennsylvania State University published an analysis of vulnerabilities in SMS-capable cellular networks.[26] The researchers speculated that attackers might exploit the open functionality of these networks to disrupt them or cause them to fail, possibly on a nationwide scale.
SMS Spoofing
The GSM industry has identified a number of potential fraud attacks on mobile operators that are caused by abuse of SMS messaging services. The most serious of these threats is SMS Spoofing. SMS Spoofing occurs when a fraudster manipulates address information in order to impersonate a user that has roamed onto a foreign network and is submitting messages to the home network. Frequently, these messages are addressed to destinations outside the home network – with the home SMSC essentially being “hijacked” to send messages into other networks.
The only 100%-sure way of detecting and blocking spoofed messages is to screen incoming mobile originated messages to verify that the sender is a valid subscriber and that the message is coming from a valid and correct location. This can be implemented by adding an intelligent routing function to the network that can query originating subscriber details from the HLR before the message is submitted for delivery. This kind of intelligent routing function is beyond the capabilities of legacy messaging infrastructure.[27]
Tidak ada komentar:
Posting Komentar