Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      Sunshine And March Vibes (2025 Wallpapers Edition)

      May 13, 2025

      The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

      May 13, 2025

      How To Fix Largest Contentful Paint Issues With Subpart Analysis

      May 13, 2025

      How To Prevent WordPress SQL Injection Attacks

      May 13, 2025

      This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

      May 13, 2025

      Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

      May 13, 2025

      NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

      May 13, 2025

      How to install and use Ollama to run AI LLMs on your Windows 11 PC

      May 13, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      Community News: Latest PECL Releases (05.13.2025)

      May 13, 2025
      Recent

      Community News: Latest PECL Releases (05.13.2025)

      May 13, 2025

      How We Use Epic Branches. Without Breaking Our Flow.

      May 13, 2025

      I think the ergonomics of generators is growing on me.

      May 13, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

      May 13, 2025
      Recent

      This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

      May 13, 2025

      Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

      May 13, 2025

      NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

      May 13, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Development»Ofcom Bans Global Titles Leasing to Thwart Criminal Abuse of UK Mobile Networks

    Ofcom Bans Global Titles Leasing to Thwart Criminal Abuse of UK Mobile Networks

    April 22, 2025

    Global Titles, UK Telecom, NCSC, UK TelecommunicationsTwo-Factor Authentication

    The UK communications regulator Ofcom has banned leasing of “Global Titles,” a special phone number type used in mobile network signaling, in a landmark decision to counter growing threats from cybercriminals and foreign intelligence actors.

    Effective immediately, mobile operators are prohibited from entering new leasing agreements for Global Titles. The move closes a longstanding technical loophole that allowed criminals to exploit mobile infrastructure for surveillance, fraud, and data theft — often without detection.

    Ofcom’s decision positions the UK as a global leader in mobile network protection, following concerns raised by the National Cyber Security Centre (NCSC) and cyber threat intelligence specialists about persistent abuses of mobile signaling systems.

    Natalie Black, Group Director for Networks and Communications at Ofcom, called the move a “world-leading action.”

    “Leased Global Titles have become one of the most persistent sources of malicious activity on telecom networks,” Black said. “Our ban will help prevent them falling into the wrong hands – protecting mobile users and our critical telecoms infrastructure in the process.”

    Global Titles: A Hidden Risk in the Mobile Backbone

    Mobile networks use Global Titles to route signaling messages that ensure calls and texts reach their intended destinations. These identifiers operate silently behind the scenes, supporting billions of daily communications without ever being visible to the users making or receiving them. While consumers are unaware of their presence, these numbers play a critical role in routing communications globally.

    Traditionally, mobile operators lease Global Titles to legitimate enterprises offering mobile services. But weak oversight and the anonymity provided by leasing arrangements have made them attractive to malicious actors.

    Criminal groups have used Global Titles to intercept two-factor authentication codes, track user locations, and divert SMS or call traffic — posing significant risks to individuals, financial institutions, and national security infrastructure.

    Because Global Titles are leased, not owned, bad actors often operate under the guise of legitimacy, making them difficult to detect and attribute.

    “This technique, which is actively used by unregulated commercial companies, poses privacy and security risks to everyday users,” said Ollie Whitehouse, Chief Technical Officer at the NCSC. Today’s action by Ofcom sets a new bar for telecom security and the UK encourages other nations to follow suit, Whitehouse added.

    Industry Efforts Fell Short

    The telecom industry has long acknowledged the risks associated with signaling exploitation, but voluntary measures failed to deliver meaningful results. Ofcom noted that self-regulation did not adequately prevent misuse or enforce accountability across mobile operators and signaling brokers.

    Frustrated by the lack of progress, the regulator opted for decisive action.

    “The industry has been aware of these vulnerabilities for years,” said one senior security engineer at a UK telecom operator. “This ban forces everyone to raise the baseline of security and treat signaling as a live threat surface, not just a background protocol.”

    Also read: CISO’s Guide to Telecom Security: Combatting Cyber Threats with Modern Intelligence

    Ofcom Implementation Timeline and Guidance

    While new leasing is now banned, existing leases will be phased out. All current arrangements must end by April 22, 2026. An extended deadline of October 22, 2026, applies to two specific use cases that face complex transition challenges.

    Ofcom also released updated guidance for mobile network operators, outlining how to monitor and safeguard their signaling assets and prevent unauthorized access or misuse.

    The regulator’s approach aims to strike a balance between urgent risk mitigation and operational continuity for businesses that depend on Global Title services.

    Growing International Concern Over Mobile Signaling Exploits

    SS7 and related signaling systems have come under intense scrutiny in recent years due to their lack of authentication and encryption. These legacy protocols remain active across much of the global telecom landscape and are often exploited by threat actors with access to international or leased network elements.

    In several known cases, attackers have used signaling exploits to track political dissidents, compromise bank accounts, or conduct targeted espionage operations. Experts have repeatedly warned that without strict regulation, signaling vulnerabilities could enable cross-border attacks and surveillance.

    Ofcom’s move aligns with recommendations from international cyber authorities and comes at a time when governments are reassessing how national telecom assets are protected in light of geopolitical tensions and hybrid warfare tactics.

    NCSC’s Whitehouse called the decision “a critical milestone in securing the UK’s digital infrastructure,” urging international regulators to take similar steps. Security professionals welcomed the move, noting it sets a precedent for treating mobile signaling security with the same urgency as core internet protocols or data protection standards.

    “This is overdue,” said a threat intelligence analyst. “We can’t keep securing endpoints and ignoring what’s happening in the transport layer of mobile communications.”

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleTransgate | Convert Audio to text in min
    Next Article The AI Fix #47: An AI is the best computer programmer in the world

    Related Posts

    Security

    Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

    May 13, 2025
    Common Vulnerabilities and Exposures (CVEs)

    CVE-2024-46506 – NetAlertX Unauthenticated Command Injection Vulnerability

    May 13, 2025
    Leave A Reply Cancel Reply

    Continue Reading

    Sam Altman says OpenAI can confidently build AGI as the ChatGPT maker shifts focus to superintelligence: “I kinda miss doing AI research back when we didn’t know how”

    News & Updates

    5 Linux commands for troubleshooting connectivity issues

    Development

    CVE-2025-3911 – Docker Desktop Environment Variable Disclosure

    Common Vulnerabilities and Exposures (CVEs)

    Supercharge Customer Journeys with Salesforce OmniStudio

    Development

    Highlights

    Artificial Intelligence

    Using Multichannel and Speaker Diarization

    December 7, 2024

    When working with audio recordings that feature multiple speakers, separating and identifying each participant is…

    CVE-2025-1908 – GitLab Information Disclosure and Session Hijacking Vulnerability

    April 24, 2025

    Open-Source TTS Reaches New Heights: Nari Labs Releases Dia, a 1.6B Parameter Model for Real-Time Voice Cloning and Expressive Speech Synthesis on Consumer Device

    April 23, 2025

    I switched to Mac Studio M4 for two weeks – a Windows PC user’s buying advice

    March 21, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.