As a result of security vulnerabilities in the GTP protocol, all mobile networks are vulnerable to denial of service (DoS), impersonation and fraud attacks based on new research from Positive Technologies.
The firm's new Vulnerabilities in LTE and 5G networks 2020 report (opens in new tab) highlights the cybersecurity risks to networks that utilize the GTP protocol which is used to transmit user data and control traffic on 2G, 3G and 4G networks. However, non-standalone 5G networks are also vulnerable.
Tests conducted by Positive Technologies' experts show that network equipment used in these networks are vulnerable to DoS attacks. DoS attacks against network equipment are far worse than those targeting specific users as a large number of people could lose connectivity following a successful attack. These attacks could be especially dangerous for 5G networks as IoT devices including industrial equipment, smart homes and even city infrastructure will also be affected.
- 5G to hit one billion connections by 2022
- Companies embracing IoT despite security risks
- Almost all mobile apps vulnerable to malware
Through the GTP protocol, networks were also vulnerable to impersonation attacks where a cybercriminal assumes the identity of a subscriber to get authorized access to online services in order to bypass two factor authentication. At the same time though, fraudsters can also launch these attacks to perform mobile traffic drain for fake roamers and make a network operator pay for it.
Faults in the GTP protocol directly impact most 5G networks because they are non-standalone and deployed on the EPC core network meaning they have the same vulnerabilities. The GTP protocol will also be used in standalone 5G architecture, so even when new networks are developed, security will remain a key issue.
Positive Technologies' CTO Dmitry Kurbatov provided further insight on the report's findings in a press release (opens in new tab), saying:
“Every network tested was found to be vulnerable to DoS, impersonation and fraud. In practice, this means that attackers could interfere with network equipment and leave an entire city without communications, defraud operators and customers, impersonate users to access various resources, and make operators pay for non-existent roaming services. Moreover, the risk level is very high: some of these attacks can be performed using just a mobile phone.”