“Currently, operators are placing incredibly few security actions in put to safeguard against these vulnerabilities”
Cell operators stay highly exposed to vulnerabilities in the GTP protocol, rendering practically each and every community open to denial of service assaults, impersonations and fraud campaigns.
The GTP protocol is a tunneling protocol outlined by the 3GPP criteria to have Basic Packet Radio Assistance (GPRS) in just 3G/4G networks security challenges with it are widely recognised.
Security company Beneficial Systems stated its exams for 28 telecom operators in Europe, Asia, Africa, and South The united states identified that each and every one particular was vulnerable, with the assaults in some spots capable to be carried out simply with a cell phone GTP challenges also straight effect 5G networks.
A person of the primary flaws in the GTP protocol is that it does not check out a user’s site, an attacker can use this flaw to send malicious traffic which the residence community has problems figuring out the legitimacy of subscriber credentials are also checked on S-GW (SGSN) products by default, which can be mimicked by an attacker to steal facts, the security company stated in a new report.
The report states that: “The dilemma is that site tracking must be cross-protocol, which suggests examining the subscriber’s movements by using SS7 or Diameter. The security tools utilised on most networks never have these kinds of abilities.”
The scientists tested the networks by simulating serious-world assaults by sending ask for to an operator’s community. Utilizing tools these kinds of as a PT Telecom Vulnerability Scanner and a PT Telecom Attack Discovery they identified that DoS assaults have been prosperous 83 % of the time.
Dmitry Kurbatov, CTO at Beneficial Systems commented that: “Every community tested was identified to be vulnerable to DoS, impersonation and fraud. In exercise, this suggests that attackers could interfere with community products and go away an entire city without communications, defraud operators and prospects, impersonate buyers to entry many means, and make operators pay for non-existent roaming companies. Also, the hazard level is incredibly significant: some of these assaults can be carried out using just a cell phone.”
GTP Protocol and 5G
Unfortunately 5G networks are deployed on the Developed Packet Core (EPC) which was also utilised to create the 4G Extensive-Expression Evolution community, as these kinds of 5G is also vulnerable to exact flaws opened up by the GTP protocol.
The use of the EPC community is intended to be only a non permanent measure until 5G’s core standalone networks is established, but until that is in put 5G is vulnerable to the exact security hazards as all the other networks.
Dmitry Kurbatov states that: “We can say that most of today’s 5G networks, just like 4G types, are vulnerable to these sorts of assaults. This would make the security vulnerabilities of the GTP protocol urgent – as the amplified use of 5G vastly will increase the injury an attack these kinds of as a denial of service attack could do.”
“Currently, operators are placing incredibly few security actions in put to safeguard against these vulnerabilities and are also generating configuration issues that are placing their networks at additional hazard.
“We urge operators to study this analysis and pay extra awareness to the GTP protocol and follow the recommendations of the GSMA FS.20 GPRS Tunnelling Protocol (GTP) Security, like employing ongoing monitoring and evaluation of signalling traffic to detect potential security threats.”