Expert On Research: All Mobile Networks Vulnerable To DoS, Impersonation And Fraud Cyber Attacks

Vulnerabilities affect non-standalone 5G networks, putting industrial equipment, smart homes, and city infrastructure at risk

Positive Technologies has published its Vulnerabilities in LTE and 5G networks 2020 report, the fourth in its four-part series on the greatest threats and vulnerabilities in the mobile ecosystem. Based on the findings gathered by Positive Technologies’ experts testing on mobile networks, the report highlights the cyber security risks to networks that originate with the GTP protocol – which is used to transmit user data and control traffic on 2G, 3G, and 4G networks.[1] Non-standalone 5G networks are also vulnerable.

Every tested network was vulnerable to denial of service against network equipment, which would result in legitimate internet users not being able to connect to the internet. Unlike DoS attacks targeted against specific users, denial of service against network equipment means loss of connection for a large number of users and could be especially dangerous for 5G networks because subscribers will also include IoT devices such as industrial equipment, smart homes, and city infrastructure.

Through the GTP protocol, networks were also vulnerable to impersonation attacks, where a criminal assumes the identity of a subscriber to get authorized access to online services and bypass two factor authentication, and fraud, where fraudsters perform mobile traffic drain for fake roamers and make the operator pay for it.


EXPERTS COMMENTS
Dmitry Kurbatov, CTO ,  Positive Technologies
June 12, 2020
Every network tested was found to be vulnerable to DoS, impersonation and fraud.
Every network tested was found to be vulnerable to DoS, impersonation and fraud. In practice, this means that attackers could interfere with network equipment and leave an entire city without communications, defraud operators and customers, impersonate users to access various resources, and make operators pay for non-existent roaming services. Moreover, the risk level is very high: some of these a ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article