Positive Technologies Security researchers discovered several vulnerabilities in the GPRS Tunneling Protocol (GTP) that attackers can use to address network users. The GTP is the protocol for the transmission of user data and for the control of data traffic in 2G, 3G, 4G and 5G networks.
Attackers could exploit the vulnerability to intercept user data, commit fraud, and launch DoS attacks.
The security gaps with the GTP protocol have a direct impact on 5G networks. “The risk should be seen as high. In some cases, an attack can only be carried out with a mobile phone. ”
GTP security issues
Between 2018 and 2019, the researchers carried out various security assessments against 28 telecommunications operators in Europe, Asia, Africa and South America and confirmed the security vulnerabilities with the GTP protocol.
All tested networks are vulnerable to DoS, impersonation and fraud. This would allow attackers to disrupt network devices, defraud operators and customers, and pretend to be users to access various resources.
In the impersonation attack, a cybercriminal could use the subscriber's identity to gain authorized access to online services, bypass two-factor authentication, and carry out other fraud.
The vulnerabilities can pose a serious risk to 5G users because they are not self-contained and are deployed to the EPC core network.
"Some of the GTP protocol will remain in its own 5G architecture. Even if these networks are developed, security remains a key issue," the report said.
"A loss of mass communication is particularly dangerous for 5G networks because subscribers are IoT devices like industrial plants, smart homes and urban infrastructure."
The researchers said that network operators take few security measures to protect this type of attack and that configuration errors pose serious risks.
It is recommended that operators take a close look at the GTP protocol, ensure filtering at the GTP level and provide specially developed security solutions.
You can follow us on Linkedin, Twitter Facebook for daily cyber security and hacking news updates.