Due to GTP security vulnerabilities, all mobile networks are vulnerable to denial of service (DoS), identity theft and fraudulent attacks based on new research from Positive Technologies. The company's new 2020 report on vulnerabilities in LTE and 5G networks highlights cybersecurity risks for networks using the GTP protocol that is used to transmit user data and control traffic on 2G, 3G and 4G networks. However, non-standalone 5G networks are also vulnerable. Testing by experts at Positive Technologies shows that the network equipment used in these networks is vulnerable to DoS attacks. DoS attacks on network equipment are much worse than those directed at specific users, since a large number of people could lose connectivity after a successful attack. These attacks could be particularly dangerous for 5G networks, as IoT devices, including industrial equipment, smart homes, and even city infrastructure, will also be affected.
GTP protocol
Thanks to GTP, networks were also vulnerable to identity theft attacks when a cybercriminal assumes a subscriber's identity to gain authorized access to online services to bypass two-factor authentication. At the same time, scammers can also launch these attacks to drain mobile traffic for fake roamers and charge a network operator. GTP protocol flaws have a direct impact on most 5G networks because they are not stand-alone and are implemented on the EPC core network, which means they have the same vulnerabilities. GTP will also be used in a standalone 5G architecture, so even as new networks are developed, security will remain a key issue. Positive Technologies CTO Dmitry Kurbatov provided an overview of the report's findings in a press release, stating: “Each network tested was found to be vulnerable to DoS, spoofing, and fraud. In practice, this means that attackers could interfere with network equipment and leave an entire city without communications, defraud operators and customers, impersonate users to gain access to various resources, and force operators to pay for Internet services. roaming not available. Furthermore, the level of risk is very high: some of these attacks can be carried out using a simple mobile phone. "