Why 5G harbors multiple security weaknesses
By Lance Whitney
5G is being touted by many as the latest and greatest wireless technology with faster speeds and lower latency than its predecessors and the ability to juggle multiple devices, including Internet of Things (IoT) hardware and other demanding items. But concerns have arisen in some circles, including the European Union, over security weaknesses inherent in the new version.
Released on Wednesday, Positive Technologies’ report “5G Signaling Networks: Blast from the Past” argues why 5G is vulnerable to security holes and what mobile operators can and should do to better protect 5G networks.
For the sake of interoperability, each new generation of cellular technology inherits many of the features and functions of past versions. 5G relies on 4G networks, and 4G performs certain functions via 2G/3G technology. But this process of inheritance means that each new generation also is born with some of the weaknesses of past versions.
As one example advanced by Positive Technologies, Signaling System No. 7 (SS7) is a system of protocols for exchanging signaling messages used in 2G and 3G networks. But SS7 has certain built-in flaws that could allow bad actors to execute a range of attacks, including eavesdropping, SMS interception, and fraud.
As another example, 4G networks use the Diameter signaling protocol, which also is beset with security holes that could let hackers conduct the same range of attacks.
And as one more example, GTP (GPRS Tunneling Protocol) is used to transmit traffic on 2G, 3G, and 4G networks. But like the other protocols, GTP contains flaws that could allow cyberattackers to intercept user data.
Though newer, more secure protocols are available, the older, unsecure protocols will be around for years to ensure interoperability with previous versions of wireless technology.
During the transition to 5G, devices will connect to the new flavor to transmit data but will still rely on 4G and even 3G/2G networks for voice calls and SMS, according to Positive Technologies.
Because 5G networks interact with other mobile networks, hackers can exploit the weaknesses in multiple protocols. An attacker targeting a 5G network could take advantage of vulnerabilities in 3G.
In one real-life example cited by Positive Technologies, hackers in early 2019 exploited flaws in SS7 to intercept SMS messages used for two-factor authentication by clients of Metro Bank in the UK. In another incident involving a German mobile operator, hackers were able to steal money from the bank accounts of customers.
The security flaws affecting 5G can also impact IoT devices through denial of service attacks, according to Positive Technologies. Hackers could make home or industrial IoT devices unavailable at a critical time. To benefit from 5G, IoT devices will increasingly depend on a strong mobile connection but also one that’s safe and secure.
For mobile operators and other companies involved in cellular technology, Positive Technologies offers several recommendations that could help protect 5G networks from outside attack.
- Follow security guidelines from the Global System for Mobile Communications (GSMA). Mobile operators should adapt GSMA guidelines. Specifically, security should be tested to determine the effectiveness of current procedures, find vulnerabilities and risks, and determine areas for improvement. Security settings should also be up to date with verification performed both periodically and whenever network equipment is added or modified.
- Monitor signaling traffic. Signaling traffic should be monitored and analyzed as it crosses the network border as a way to find potential threats and configuration errors. To set this up, mobile operators can use special threat detection systems to analyze signal traffic in real time and detect atypical activity by external hosts. These systems can block illegitimate messages without hurting network performance and share information with other forms of protection.
- Security must be a priority upfront. For mobile operators, security should be a priority during the design phase of a 5G network. Any attempts to implement security as an afterthought are likely to result in higher costs and an inability to fix long-term security flaws.
- Detect, respond, and audit. Continuous real-time threat detection is vital for determining the effectiveness of network security and supporting the detection and resolution of security flaws. Analyzing generic vulnerabilities and ongoing or new threats can help secure the network. Finally, auditing offers visibility into the network to better understand ever-changing risks.