HomesecurityHackers use mobile internet protocol errors targeting 4G / ... users

Hackers use mobile internet protocol errors targeting 4G / 5G users

According to a recently published research, high impact errors in modern communication protocol, used by mobile network providers (MNOs), can be exploited by hackers for interception data users, as well as to perform DDoS attacks and forgeries - fraud. The findings are part of a new report on faults on 4G and 5G networks for 2020, published last week by London-based Positive Technologies. The report includes the results of the evaluations security held between 2018-2019 on behalf of 28 telecommunications providers in Europe, Asia, Africa and South America.


Named GPRS Tunneling Protocol (GTP), the Internet Protocol (IP) communication standard sets out a set of rules governing data traffic on 2G, 3G and 4G networks. It is also the basis for the basics network GPRS and its successor Evolved Packet Core (EPC), allowing users to stay connected to the Internet while moving from one place to another.

According to the company, the GTP protocol contains a number of bugs that threaten both mobile providers and their customers. As a result, hackers can intervene in network equipment and leave an entire city without communication, "falsifying" users to obtain access in various resources, and use services network at the expense of network operators or subscribers.

Basic error due to the fact that the protocol does not control the actual position of the subscriber, thus making it difficult to verify whether the incoming movement is legal. A second architectural issue is related to the way they are verified credentials subscribers, thus allowing hackers to forge the node that acts as SGSN (Serving GPRS Support Node). Even more troubling is the possibility of fraud and forgery, where hackers can use a hacked ID to use a mobile phone. Internet as legal users. In an alternative scenario, hackers could breach user login data containing identifiers, such as a subscriber's phone number, to "emulate" that person and gain Internet access.

According to the report, these attacks can be used not only by hackers but also by a dishonest mobile network provider, with the aim of creating roaming traffic, with MNO charging another provider for non-existent roaming activity of this provider's subscribers. In all the networks tested, it was possible to use mobile internet at the expense of both the other subscribers and the operator. With 5G networks using EPC as the main network for wireless communications, Positive Technologies has said it is just as vulnerable to hacking and hacking. He added that any network tested was prone to DDoS attacks on network equipment, thus preventing reputable subscribers from connecting to the Internet and disrupting mobile communications services. Researchers say mass communication loss is particularly dangerous for 5G networks, because it's about devices IoT such as industrial equipment, Smart Homes and city infrastructure.

To mitigate security issues and reduce the risk of hackers, the company urges operators to perform whitelist-based IP filtering at the GTP level, as well as to follow GSMA's security recommendations for real-time traffic analysis and for the exclusion of illegal activity. The report concluded that safety should be a priority when designing a network. This is now coming to the fore, as operators are beginning to build 5G networks.

Finally, according to the report, efforts to implement security at later stages can cost much more. At best, operators will likely need to purchase additional equipment. In the worst case, they may encounter security errors that cannot be fixed later.

Every accomplishment starts with the decision to try.