4G and 5G networks are vulnerable because of their mixing with older technologies

5G networks are vulnerable due to "bad" old technologies


The deployment of 5G networks is ongoing and there are more and more mobiles in the market compatible with this technology. However, cybersecurity researchers believe that the next step is to strengthen the protection of wireless connections.

Despite the global pandemic, plans to deploy the fifth generation of wireless connections have run their course and operators are beginning to include 5G in their services for both businesses and users.

As with every technological innovation, part of the development process involves strengthening security in the face of potential attacks and detecting every vulnerable corner that could serve as access to cybercriminals. 5G also has vulnerabilities and is not as new as this, but developed decades ago.

During a Presentation of Black Hat Asia on Friday, Sergey Puzankov, a security expert at Positive Technologies, highlighted the SS7 protocol as one of the issues still affecting the telecommunications industry. This protocol was developed in 1975 and has not evolved much since then.

The mix of technologies from different eras on which 5G is being deployed makes it easier to find gaps like this in older technologies. Signaling System 7 (SS7) was already revealed in 2014 as a protocol are serious security flaws, which could make it easier for cybercriminals to intercept phone calls and SMS to bypass two-factor authentication (2FA).

A hacker's paradise? 5G and cyber security | Financial Times

Such attacks affect 5G just like 2G, 3G and 4G networks. In addition to intercepting calls and SMS, cybercriminals can perform what is known as subscription fraud. It consists of sending "random" requests to subscribers through SS7/GTP protocols. In this way, they can apply to each victim a subscription with the personal data that has been stolen from them.

4G, 5G networks could be vulnerable to exploit due to 'mishmash' of old  technologies | ZDNet

"It is still possible for the attacks to take place in well-protected networks," remarked Puzankov in the presentation. Operators are already informed of this vulnerability and work to prevent and protect networks. "In most cases, operators can better protect their networks at no additional cost. They just need to check if their security tools are effective in analyzing new vulnerabilities," Puzankov explained.

Post a Comment

0 Comments