Connecting Africa is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Partner Perspectives (Sponsored Content)

How mobile operators in Africa can address signalling threats and secure the network

Article Image
Telecommunications in Africa has undergone rapid growth in recent years. Mobile services in the south of the continent alone generated around US$7 billion in revenue in 2018 as a result of a sharp rise in mobile subscribers. But that increase in adoption has led to a growth in fraud. According to the latest research from the Sierra Leonean National Telecommunication Commission, Africa is losing around US$1.59 billion every year to telecom fraud, significantly impacting operator revenues and the subscriber experience.

However, solving telecom fraud on the continent isn’t straightforward. The roaming business is a huge revenue driver for mobile operators and implementing a telecom security solution across a complex and ever-evolving cross-technology interworking network is an ongoing challenge.

So, how can African operators proactively combat the rising threat of telecom fraud?

What does the current landscape look like?

Operators are interconnecting with an increasing number of players in the field, from other operators to global service and platform providers. This is resulting in mobile network vulnerabilities being exploited, particularly via their international connections with the rest of the world, as these parts of the network are much easier for hackers to spoof.

These malicious activities are taking advantage of the lack of effective security measures, including authentication, integrity and confidentiality protection embedded in the telecoms protocols that are used for interworking between mobile operators (SS7, Diameter and GTP).

While interconnecting with an expanding number of players offers many advantages, from an improved user experience and global coverage to greater business and monetization opportunities, it is expanding the attack surface for fraudsters to target. Network resilience to this growing attack surface is also key if operators want to protect subscribers, user data and the growing number of connected devices in the African roaming ecosystem.

Fraud threats have become much more sophisticated. It’s no longer a case of combatting traditional forms of telecom fraud, such as SIM swapping and phishing attacks. Fraudsters are utilising new and more devastating ways to wreak havoc on operators, especially on network boundaries where they are connecting internationally to other services, such as cloud communications and IoT platforms. Hackers are utilising these interconnections to commit cybercrimes such as interception of communications (voice and SMS), tracking, Distributed Denial-of-Service (DDoS) attacks and user impersonation, leveraging stolen subscriber information for malicious intent.

The introduction of the GTP protocol within 3G, 4G and 5G networks is also highlighting vulnerabilities in operators’ network security. For example, inherently, GTP doesn’t map a user’s location, enabling hackers to send malicious traffic simply via a mobile phone that the home operator network can’t identify. SS7 and Diameter protocol must be intertwined with GTP to provide a more complete user profile to the home network in order to combat these types of threats effectively.

What is the best method of protection?

Being aware of the growing threat landscape and sophisticated fraud types is half the solution for operators. Once network vulnerabilities can be identified, a fraud strategy can be put in place to address them.

Operators must identify the weak points on the network and monitor the types of fraudulent attacks happening there. And this needs to be done in a proactive way – waiting for attacks to happen and then plugging them is no longer sufficient to protect revenues and subscriber information. To address the issue, operators must deploy a combined attack and defence strategy to increase network resilience on two fronts: firstly, minimising the attack surface of the network on SS7, Diameter, and GTP, and secondly, monitoring signalling threats in real time.

Tackling the threat with a global IPX security solution

A global wholesale provider such as BICS is in a unique position in the ecosystem. As an international gateway sitting at the boundaries between operator networks and businesses, it can authenticate message sources and block illegitimate traffic. With a network that carries 25% of global roaming signalling traffic and 50% of the world’s data roaming, BICS has extensive visibility and insight into international traffic and associated threats to detect suspicious traffic patterns and protect operators before it reaches their network boundaries and causes damage.

BICS has recently joined forces with cybersecurity experts POST Cyberforce to bring a landmark security solution to the telecom industry – BICS IPX Security. By pairing POST Cyberforce’s expertise and custom-developed tools in protecting critical infrastructure with BICS’ fraud prevention suite, operators get an end-to-end solution which includes state-of-the-art penetration testing of the roaming environment and a telecom intrusion detection system combined with active protection on BICS nodes. This provides operators with an additional layer of security and in turn, makes fraud prevention far more cost-effective and efficient than running a 24x7 internal fraud operations team.

The fight against telecom fraud is a continuous exercise. Fraud is a sophisticated, well-organised international industry that is constantly adapting, and is expected to extend toward new and developing 5G services. Operators must manoeuvre a continuous test/ monitor approach with a practical mindset: not every type of fraud can be stopped all the time, but systematic screening and protection measures are invaluable in decreasing network vulnerability.

Beating the fight against fraud means working with a global telecom provider that can deliver a complete picture of network security. Visit the BICS website to find out more.


Related posts:

— Katia Gonzalez, Head of Fraud and Security at BICS

This content is sponsored by BICS.

Innovation hub


Super-app Gozem raises $5M for expansion plans

Gozem, the Francophone African super-app, has raised $5 million in a Series A round to help fund its expansion plans.


African startups raise almost $4B in 2021

Africa's startup ecosystem raised almost $4 billion in 2021 according to startups deals database Africa: The Big Deal – with Nigeria, South Africa, Egypt and Kenya taking the lion's share.

More Innovation hub

Latest video

More videos

Guest Perspectives


Omdia View: October 2021

By Omdia Analysts

Across the Middle East and Africa, regulators are beginning to facilitate spectrum allocation to operators in the region for the deployment of new and innovative technology.


Research Bites: Why Africans stop using mobile apps

By Chinedu Wilfred Okonkwo, Magda Huisman and Estelle Taylor

This article – in collaboration with the African Journal of Science, Technology, Innovation and Development – explores the reasons behind why Africans stop using certain mobile apps.

More Guest Perspectives

Partner perspectives

All Partner Perspectives

AfricaCom perspectives


Digital inclusion as a catalyst for economic empowerment: Mastercard's Imelda Ngunzu

Mastercard's Imelda Ngunzu talks to Connecting Africa about how digital payment solutions and mobile money are transforming the lives of small business owners, women and marginalized groups in East Africa.


Accelerating women in STEM: In conversation with GirlCode's Tinyiko Simbine

GirlCode co-founder and CFO Tinyiko Simbine talks about why it's important to help girls and young women excel in science, technology, engineering and mathematics (STEM) fields.


How Poa Internet is unlocking meaningful connectivity in East Africa

Poa Internet's CEO Andy Halsall shares his views on what it takes to develop last-mile connectivity and get Africans online in a meaningful way.

More AfricaCom perspectives

Flash poll

All polls

Archived webinars

Meeting SME’s where they are - Building inclusive ecosystems for Africa’s small business owners

Micro and small businesses have been, and still are, the spine and lifeblood of the African economy, making up 90% of businesses on the continent.

Many of these businesses have still been operating in traditional ways and serving non-digital customers. With Covid-19 expediting the digital transformation process, businesses - big and small - have been forced to adapt to operate successfully in a more digital-first environment.

To ensure that the digitalization of Africa’s market doesn’t leave micro and small businesses behind, digital solutions must be inclusive and create business-ready environments. But how can we ensure that African SMEs become digitally enabled?

In this webinar we will share from our own experience on how to create such an environment, and the actions we took in vcita to get there, including:

  • Closing the digital literacy gap through tech inclusion 
  • Making a positive impact on local communities
  • Building the foundations for digital inclusion and small business growth in a technology-accelerated world
  • Building the foundations for digital inclusion and small business growth in a technology-accelerated world

Register Here >>

More Webinars

Sponsored video

More videos

Like us on Facebook

Newsletter Sign Up

Sign Up