Vulnerabilities in standalone 5G networks could allow attackers to steal credentials and falsify subscriber authentication
ositive Technologies has
P published its 5G standalone core security assessment . The report discusses vulnerabilities and threats for subscribers and mobile network operators , which stem from the use of new standalone 5G network cores . The vulnerabilities in protocols HTTP / 2 and PFCP , used by standalone 5G networks , include the theft of subscriber profile data , impersonation attacks and faking subscriber authentication .
Mobile operators are currently running non-standalone 5G networks , which are based on previous generation 4G LTE infrastructure . These nonstandalone 5G networks are at risk of attack because of long-standing vulnerabilities in the Diameter and GTP protocols , which were reported on by Positive Technologies earlier this year . Operators are gradually migrating to standalone infrastructure , but this also has security considerations of its own . Gartner expects 5G investment to exceed LTE / 4G in 2022 and that communications service providers will gradually add standalone capabilities to their non-standalone 5G networks .
The stack of technologies in 5G potentially leaves the door open to attacks on subscribers and the operator ’ s network . Such attacks can be performed from the international roaming network , the operator ’ s network or partner networks that provide access to services .
For example , the Packet Forwarding Control Protocol ( PFCP ) that is used to make subscriber connections has several potential vulnerabilities such as denial of service , cutting subscriber access to the Internet and redirecting traffic to an attacker , allowing them to downlink the data of a subscriber . Correct configuration of the architecture as highlighted in Positive Technologies GTP protocol research can stop these types of attacks .
The HTTP / 2 protocol , which is responsible for vital network functions ( NFs ) that register and store profiles on 5G networks , also contains several vulnerabilities . Using these vulnerabilities , attackers could obtain the NF profile and impersonate any network service using details such as authentication status , current location and subscriber settings for network access . Attackers can also delete NF profiles , potentially causing financial losses and damaging subscriber trust .
In these cases , subscribers will be unable to take action against threats that lurk on the network , so operators need to have sufficient visibility to safeguard against these attacks .
Dmitry Kurbatov , CTO at Positive Technologies , said : “ There is a risk that attackers will take advantage of standalone 5G networks , while they are being established and operators are getting to grips with potential vulnerabilities . Therefore , security considerations must be addressed by operators from the offset . Subscriber attacks can be both financially and reputationally damaging – especially when vendors are in high competition to launch their 5G networks . With such a diverse surface of attack , robust core network security architecture is by far the safest way to protect users . intelligent MOBILE SECURITY
“ 5G standalone network security issues will be much further reaching when it comes to CNI , IoT and connected cities – putting critical infrastructure such as hospitals , transport and utilities at risk . In order to achieve full visibility over traffic and messaging , operators need to perform regular security audits to detect errors in the configuration of network core components to protect themselves and their subscribers .” u
58 www . intelligentciso . com