GTP protocol security vulnerabilities put all mobile networks at risk

Posted by Alex Morrison June 11, 2020
Positive Technologies

As a result of security vulnerabilities in the GTP protocol, all mobile networks are vulnerable to DoS, impersonation and fraud attacks, according to new research from Positive Technologies

As a result of security vulnerabilities in the GTP protocol, all mobile networks are vulnerable to denial of service (DoS), impersonation and fraud attacks, revealed a new research from Positive Technologies.

The firm’s new Vulnerabilities in LTE and 5G networks 2020 report highlights the cybersecurity risks to networks that utilize the GTP protocol which is used to transmit user data and control traffic on 2G, 3G and 4G networks. However, non-standalone 5G networks are also vulnerable.

Tests conducted by Positive Technologies’ experts’ show that network equipment used in these networks are vulnerable to DoS attacks. DoS attacks against network equipment are far worse than those targeting specific users as a large number of people could lose connectivity following a successful attack. These attacks could be especially dangerous for 5G networks as IoT devices including industrial equipment, smart homes and even city infrastructure will also be affected.

Through the GTP protocol, networks were also vulnerable to impersonation attacks where a cybercriminal assumes the identity of a subscriber to get authorized access to online services in order to bypass two factor authentication. At the same time though, fraudsters can also launch these attacks to perform mobile traffic drain for fake roamers and make a network operator pay for it.

Faults in the GTP protocol directly impact most 5G networks because they are non-standalone and deployed on the EPC core network meaning they have the same vulnerabilities. The GTP protocol will also be used in standalone 5G architecture, so even when new networks are developed, security will remain a key issue.

Positive Technologies’ CTO Dmitry Kurbatov provided further insight on the report’s findings in a press release, saying: Every network tested was found to be vulnerable to DoS, impersonation and fraud. In practice, this means that attackers could interfere with network equipment and leave an entire city without communications, defraud operators and customers, impersonate users to access various resources, and make operators pay for non-existent roaming services. Moreover, the risk level is very high: some of these attacks can be performed using just a mobile phone.

Disclaimer: The opinions expressed by our writers are their own and do not represent the views of Scommerce. The information provided on Scommerce is intended for informational purposes only. Scommerce is not liable for any financial losses incurred. Conduct your own research by contacting financial experts before making any investment decisions.

scommerce

Welcome! Get free access to EVERYTHING we publish…

Whether you are an investor, tech enthusiast, or entrepreneur we have something for you. You'll get our FREE weekly newsletter with latest news and information along with special offers. Please take time to read our privacy policy. The information you provide us will be processed in accordance with this.