Mission

TCERT regroups different stakeholder in regular meetings and ongoing research activities to improve Telecom Security.

Born from the common will of Operators, Network Equipment Vendors, Law Enforcement Agencies, Security Researchers and Security professionals, TCERT mandate is to help establish Telecom Security Response Teams and to connect them together.

TCERT helps coordinate incident and vulnerability information disclosure to the right stakeholders and to help research in Telecom Security.

TCERT does not provide security services itself. It relies on its members to have any fitting relationship with other members.

TCERT requires members to participate to operations, activities and information sharing.

TCERT is free to join.

1. Situation

Operator are doing a good job fighting fraud with Fraud and Revenue Assurance, Fraud Detection Systems. 3GPP is working hard with significant results from its SA3 security workgroup for specification and standardization of security measure to safeguard existing and future architectures. GSM Association Security Group is connecting the operators so that security threats are well known and addressed.

All these positive endeavors did not prevent system and network security problems from being under-estimated in Telecom networks. That results in vulnerable products, systems and as a result, vulnerable operators and hence, vulnerable critical infrastructures.

 

2. Problems

Who checks new software and hardware that operates critical infrastructure such as the Core Network, LTE EPC, Radio Access Networks and HLR and Service Profile Registries (SPR)?

Who “owns” Telecom Security within Operators? Who is ultimately responsible in case of network crash?

What tools do governments have at their disposal to evaluate and rate the security risk of Telecom providers and their Critical Infrastructures?

What software assurance and security quality checks are used by Network Equipment Vendors? Who can help them deploy and maintain best practices?

Where do independent research go when they have found a vulnerability? How can they communicate with strong confidentliaty and potential anonymity with the Vendors?

 

3. TCERT First tasks

First tasks of TCERT are:

Establish a list of Telecom Computer Response Team both at Vendors and Operators and setup secure mode of communications.
Spread awareness about Telecom Security (as opposed to simply Fraud).
Establish a common language and trust base for Security Researcher, Operators and Vendors for vulnerability communication.
Connect people through regular open meetings following according to the line of 3GPP.
Make a link between 3GPP and GSMA SG effort for Network Element hardening and Security Researchers, Security Professionals and Innovative Security Solution providers.
Day to day monitoring and news about Telecom Security.
Equipment Audit and Certification scheme.