5G cell phone mast in a populated urban area. 5G tower next to houses in a town, village or city.

Source: Shutterstock

Dated protocols mean 5G could have ‘gaping’ security holes

  • Dated protocols passed between 3G, 4G and 5G could make the next-gen networking tech vulnerable
  • The warning was delivered by a security expert at Black Hat Asia, as reported on by ZDNet

5G is often touted as the next-gen backbone to a new chapter in technology, from autonomous vehicles to smart cities and virtual reality-infused entertainment. Every industry has exciting use cases that are built on the theoretical capabilities of 5G’s real-time data transfer, high capacity, and faster service.

But not all the hype around the ‘next-gen’ cellular technology has been positive.

The stripping of Huawei equipment from the UK telecom infrastructure has set deployment back by up to three years. Not to mention the wild conspiracy theories surrounding 5G’s link to the coronavirus which saw cell towers set ablaze.

As reported by ZDNet, renewed concerns around the security readiness of 5G suppliers were highlighted at Black Hat Asia this week, as researchers demonstrated how attackers could take advantage of a “decades-old protocol” to exploit 5G networks.

The statement was made as countries race to deploy 5G infrastructure in a bid for their economies to leverage some of those aforementioned benefits, before rivals, with download speeds up to 100x faster than 4G. By 2024, 5G networks are expected to cover 40% of the world, handling 25% of all mobile data traffic. 5G-ready devices are already being rolled out, by the end of 2024, there is projected to be 1.5 billion 5G mobile subscriptions.

APAC is set to become an outstanding leader. According to GlobalData, it will account for 65% of global 5G subscriptions in by 2024, led by South Korea, China, Japan, Australia, and Singapore.

Amid the goldrush, security has taken a backseat. The report described security considerations by 5G suppliers and telecoms firms as “fragmented and bolted-on telecoms technologies, protocols, and standards” which are leaving “gaping holes” for exploitation.

According to Positive Technologies’ security expert Sergey Puzankov speaking at the event, outstanding issues in protocol SS7, which were developed in 1975, have not advanced significantly. The firm found, in 2014, that flaws could be exploited and used to carry out attacks, including bypassing two-factor authentication (2FA) and intercepting phone calls.

Puzankov demonstrated how attackers could leverage the vulnerabilities to commit financial fraud by signing up subscribers to value-added services without consent.

The SS7 protocol among others is in continued usage as they enable a seamless experience for customers when they shift between 3G, 4G, and 5G. The result, said Puzankov, is an unsecured “mishmash of technologies, protocols, and standards in telecom”.

Intruders, therefore, have multiple angles of attack by leveraging multiple protocols. Attackers can begin with a malicious action in one protocol and continue in another, following specific combinations of actions and a mix of network generations.

While vendors are aware of the issues and are implementing a broad variety of security measures, including firewalls and security audits, they don’t go far enough.

“It is still possible for attacks to take place on well-protected networks,” said Puzankov, having demonstrated several routes to entry.

“In most cases, operators can protect their networks better without [additional] cost. They just need to check if their security tools are effective when new vulnerabilities are reported.

The demonstration at Black Hat Asia certainly isn’t the first time concerns have been raised about how the rush to deploy 5G could lead to serious security flaws. IRM’s Risky Business report outlined how 5G will produce a larger attack surface as more distributed network data centers get deployed.

“The vulnerabilities in 5G appear to go beyond wireless, introducing risks around virtualized and cloud-native infrastructure.”

The report noted that in order to drive 5G deployment, a secure infrastructure strategy is vital, but ‘white box’ hardware will be critical to lowering the total cost of ownership.

“It’s not known whether such hardware has the right security solutions, so implementing device security practices will be critical to making this model work,” read the report.