Mnoz\u00ed z n\u00e1s jist\u011b za\u017eili sc\u00e9n\u00e1\u0159e, kdy n\u00e1s syst\u00e9m internetov\u00e9ho bankovnictv\u00ed \u017e\u00e1d\u00e1 o opakovan\u00e9 zad\u00e1v\u00e1n\u00ed \u00fadaj\u016f. Proto\u017ee syst\u00e9m nedok\u00e1\u017ee zjistit \u00fadaje o na\u0161em \u00fa\u010dtu. Je to nejen alarmuj\u00edc\u00ed, ale i otravn\u00e1 situace. Mus\u00edme zadat autoriza\u010dn\u00ed k\u00f3d pro ov\u011b\u0159en\u00ed na\u0161\u00ed toto\u017enosti.<\/p>\n
Za t\u00edmto \u00fa\u010delem obdr\u017e\u00edme od banky zpr\u00e1vu nebo telefon\u00e1t. Nejen bankovn\u00ed \u00fa\u010dty vyu\u017e\u00edvaj\u00ed tento syst\u00e9m z\u00edsk\u00e1v\u00e1n\u00ed informac\u00ed. Ale i dal\u0161\u00ed finan\u010dn\u00ed organizace shroma\u017e\u010fuj\u00ed \u00fadaje pro ov\u011b\u0159ov\u00e1n\u00ed po cel\u00e9m sv\u011bt\u011b.<\/p>\n
V \u00fanoru 2019 upozornil hacker Metro Bank na z\u00e1va\u017en\u00fd probl\u00e9m se signaliza\u010dn\u00edm syst\u00e9mem 7 (SS7). Tuto sadu protokol\u016f pou\u017e\u00edvaj\u00ed k p\u0159enosu dat oper\u00e1to\u0159i mobiln\u00edch s\u00edt\u00ed (MNO). SS7 je mezin\u00e1rodn\u00ed telekomunika\u010dn\u00ed standard pro p\u0159enos hovor\u016f, zpr\u00e1v a dal\u0161\u00edch dat. Tento syst\u00e9m zaji\u0161\u0165uje platnost informac\u00ed a poplatk\u016f pro z\u00e1kazn\u00edky. Oper\u00e1to\u0159i mobiln\u00edch s\u00edt\u00ed (MNO) tento syst\u00e9m SS7 hojn\u011b vyu\u017e\u00edvaj\u00ed pro p\u0159enos dat. Pom\u00e1h\u00e1 u\u017eivatel\u016fm p\u0159i datov\u00e9m roamingu na cest\u00e1ch do jin\u00fdch zem\u00ed.<\/p>\n
V roce 1974, kdy byl SS7 vynalezen, neexistoval jedin\u00fd probl\u00e9m se zranitelnost\u00ed. V dob\u011b zaveden\u00ed SS7 existovalo pouze omezen\u00e9 mno\u017estv\u00ed provozovatel\u016f s\u00edt\u00ed. Ale technologie a rychl\u00fd n\u00e1r\u016fst po\u010dtu MNO j\u00ed daly prostor. Nyn\u00ed ve sv\u011bt\u011b mnoha MNO je mo\u017en\u00e9 pomoc\u00ed syst\u00e9mu SS7 hacknout jak\u00e9koli mobiln\u00ed za\u0159\u00edzen\u00ed.<\/p>\n
Nen\u00ed pochyb o tom, \u017ee se tito MNO sna\u017e\u00ed chr\u00e1nit sv\u00e9 u\u017eivatele. Sna\u017e\u00ed se vymyslet co nejlep\u0161\u00ed bezpe\u010dnostn\u00ed opat\u0159en\u00ed, ale jejich protivn\u00edci se tak\u00e9 u\u010d\u00ed. D\u00edky rovnom\u011brn\u00e9mu rozlo\u017een\u00ed znalost\u00ed je ochrana syst\u00e9mu p\u0159ed t\u011bmito chytr\u00fdmi naru\u0161iteli slo\u017eit\u00e1. Pokud n\u011bkter\u00fd MNO p\u0159ijme n\u011bjak\u00fd sledovac\u00ed n\u00e1stroj, podvodn\u00edci si tak\u00e9 najdou \u0159e\u0161en\u00ed, jak jej p\u0159ekonat.<\/p>\n
Samoz\u0159ejm\u011b jsou vzd\u011blan\u00ed, zku\u0161en\u00ed a vybaven\u00ed hackersk\u00fdmi n\u00e1stroji a strategiemi. S jejich pomoc\u00ed se \u00fasp\u011b\u0161n\u011b dostanou do p\u0159ipojen\u00fdch telefonn\u00edch s\u00edt\u00ed, kter\u00e9 je zaj\u00edmaj\u00ed. Tito hacke\u0159i vyu\u017e\u00edvaj\u00ed telefonn\u00ed \u010d\u00edsla a pomoc\u00ed protokolu SS7 se dost\u00e1vaj\u00ed k t\u011bmto zraniteln\u00fdm m\u00edst\u016fm.<\/p>\n
V\u0161ichni odborn\u00edci a technologie MNO jsou s t\u011bmito trag\u00e9diemi SS7 dob\u0159e obezn\u00e1meni. Slo\u017eit\u00e1 povaha technologie jim zt\u011b\u017euje nalezen\u00ed trval\u00e9ho \u0159e\u0161en\u00ed proti t\u011bmto zranitelnostem. Mnoho mobiln\u00edch s\u00ed\u0165ov\u00fdch syst\u00e9m\u016f se rozhodlo proti t\u011bmto rizik\u016fm bojovat, ale narazilo na tvrd\u00e9 a chytr\u00e9 p\u0159ek\u00e1\u017eky. V\u011bt\u0161inou b\u011bhem datov\u00e9ho roamingu nelze SS7 filtrovat kv\u016fli dosahu s\u00edt\u011b.<\/p>\n
Pokud se hacke\u0159i dostanou do syst\u00e9mu SS7, mohou se snadno dostat k mobiln\u00edmu ovl\u00e1d\u00e1n\u00ed. Mohou p\u0159ij\u00edmat hovory, zpr\u00e1vy a p\u0159epos\u00edlat je. Pro MNO a technology se st\u00e1v\u00e1 nemo\u017en\u00e9 zjistit polohu podvodn\u00edk\u016f.<\/p>\n
I kdy\u017e v roce 2020 byla zavedena ur\u010dit\u00e1 autentick\u00e1 a p\u0159\u00edsn\u00e1 bezpe\u010dnostn\u00ed opat\u0159en\u00ed. Zranitelnost SS7 je v\u0161ak st\u00e1le vyd\u00e1na napospas t\u011bmto hacker\u016fm. IT odborn\u00edci a technologov\u00e9 zav\u00e1d\u011bj\u00ed nov\u00e9 protokoly jako pr\u016fm\u011br pro s\u00edt\u011b 4G. A\u010dkoli zabezpe\u010duje spojen\u00ed, st\u00e1le existuje mo\u017enost zranitelnosti. Proto\u017ee s\u00ed\u0165 4G pou\u017e\u00edv\u00e1 k p\u0159enosu hovor\u016f a zpr\u00e1v tak\u00e9 star\u00fd kompatibiln\u00ed protokol SS7.<\/p>\n
Bezpe\u010dn\u00fd a chr\u00e1n\u011bn\u00fd protokol m\u016f\u017ee t\u011bmto zranitelnostem pomoci. Pro n\u00e1vrh takov\u00e9ho bezpe\u010dn\u00e9ho protokolu jsou d\u016fle\u017eit\u00e9 n\u011bkter\u00e9 faktory. Zaprv\u00e9 je t\u0159eba se vyhnout krok\u016fm, kter\u00e9 vedou k riziku. Tedy vym\u00fdcen\u00ed naru\u0161itel\u016f z bezpe\u010dn\u00e9ho a efektivn\u00edho komunika\u010dn\u00edho syst\u00e9mu sn\u00ed\u017e\u00ed riziko. Za druh\u00e9, MNO a dal\u0161\u00ed p\u0159\u00edslu\u0161n\u00e9 spole\u010dnosti by m\u011bly tyto p\u0159\u00edpady pravideln\u011b sledovat od sam\u00e9ho po\u010d\u00e1tku. Pomohou tak p\u0159i vym\u00fdcen\u00ed t\u011bchto zraniteln\u00fdch hacker\u016f z mobiln\u00edho syst\u00e9mu SS7.<\/p>","protected":false},"excerpt":{"rendered":"
Mnoz\u00ed z n\u00e1s jist\u011b za\u017eili sc\u00e9n\u00e1\u0159e, kdy n\u00e1s syst\u00e9m internetov\u00e9ho bankovnictv\u00ed \u017e\u00e1d\u00e1 o opakovan\u00e9 zad\u00e1v\u00e1n\u00ed \u00fadaj\u016f. Proto\u017ee syst\u00e9m nedok\u00e1\u017ee zjistit \u00fadaje o na\u0161em \u00fa\u010dtu. Je to nejen alarmuj\u00edc\u00ed, ale i otravn\u00e1 situace. Mus\u00edme zadat autoriza\u010dn\u00ed k\u00f3d pro ov\u011b\u0159en\u00ed na\u0161\u00ed toto\u017enosti. K tomuto \u00fa\u010delu n\u00e1m slou\u017e\u00ed...<\/p>","protected":false},"author":1,"featured_media":411,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ss7-sms"],"yoast_head":"\n