The UK communications regulator Ofcom has banned leasing of “Global Titles,” a special phone number type used in mobile network signaling, in a landmark decision to counter growing threats from cybercriminals and foreign intelligence actors.
Effective immediately, mobile operators are prohibited from entering new leasing agreements for Global Titles. The move closes a longstanding technical loophole that allowed criminals to exploit mobile infrastructure for surveillance, fraud, and data theft — often without detection.
Ofcom’s decision positions the UK as a global leader in mobile network protection, following concerns raised by the National Cyber Security Centre (NCSC) and cyber threat intelligence specialists about persistent abuses of mobile signaling systems.
Natalie Black, Group Director for Networks and Communications at Ofcom, called the move a “world-leading action.”
“Leased Global Titles have become one of the most persistent sources of malicious activity on telecom networks,” Black said. “Our ban will help prevent them falling into the wrong hands – protecting mobile users and our critical telecoms infrastructure in the process.”
Global Titles: A Hidden Risk in the Mobile Backbone
Mobile networks use Global Titles to route signaling messages that ensure calls and texts reach their intended destinations. These identifiers operate silently behind the scenes, supporting billions of daily communications without ever being visible to the users making or receiving them. While consumers are unaware of their presence, these numbers play a critical role in routing communications globally.
Traditionally, mobile operators lease Global Titles to legitimate enterprises offering mobile services. But weak oversight and the anonymity provided by leasing arrangements have made them attractive to malicious actors.
Criminal groups have used Global Titles to intercept two-factor authentication codes, track user locations, and divert SMS or call traffic — posing significant risks to individuals, financial institutions, and national security infrastructure.
Because Global Titles are leased, not owned, bad actors often operate under the guise of legitimacy, making them difficult to detect and attribute.
“This technique, which is actively used by unregulated commercial companies, poses privacy and security risks to everyday users,” said Ollie Whitehouse, Chief Technical Officer at the NCSC. Today’s action by Ofcom sets a new bar for telecom security and the UK encourages other nations to follow suit, Whitehouse added.
Industry Efforts Fell Short
The telecom industry has long acknowledged the risks associated with signaling exploitation, but voluntary measures failed to deliver meaningful results. Ofcom noted that self-regulation did not adequately prevent misuse or enforce accountability across mobile operators and signaling brokers.
Frustrated by the lack of progress, the regulator opted for decisive action.
“The industry has been aware of these vulnerabilities for years,” said one senior security engineer at a UK telecom operator. “This ban forces everyone to raise the baseline of security and treat signaling as a live threat surface, not just a background protocol.”
Also read: CISO’s Guide to Telecom Security: Combatting Cyber Threats with Modern Intelligence
Ofcom Implementation Timeline and Guidance
While new leasing is now banned, existing leases will be phased out. All current arrangements must end by April 22, 2026. An extended deadline of October 22, 2026, applies to two specific use cases that face complex transition challenges.
Ofcom also released updated guidance for mobile network operators, outlining how to monitor and safeguard their signaling assets and prevent unauthorized access or misuse.
The regulator’s approach aims to strike a balance between urgent risk mitigation and operational continuity for businesses that depend on Global Title services.
Growing International Concern Over Mobile Signaling Exploits
SS7 and related signaling systems have come under intense scrutiny in recent years due to their lack of authentication and encryption. These legacy protocols remain active across much of the global telecom landscape and are often exploited by threat actors with access to international or leased network elements.
In several known cases, attackers have used signaling exploits to track political dissidents, compromise bank accounts, or conduct targeted espionage operations. Experts have repeatedly warned that without strict regulation, signaling vulnerabilities could enable cross-border attacks and surveillance.
Ofcom’s move aligns with recommendations from international cyber authorities and comes at a time when governments are reassessing how national telecom assets are protected in light of geopolitical tensions and hybrid warfare tactics.
NCSC’s Whitehouse called the decision “a critical milestone in securing the UK’s digital infrastructure,” urging international regulators to take similar steps. Security professionals welcomed the move, noting it sets a precedent for treating mobile signaling security with the same urgency as core internet protocols or data protection standards.
“This is overdue,” said a threat intelligence analyst. “We can’t keep securing endpoints and ignoring what’s happening in the transport layer of mobile communications.”
