Old tech could make 5G networks vulnerable to exploit

A “mishmash" of dated technologies and protocols can leave multiple entry-points for attack.
2 October 2020

Australia declares 2021 the ‘Year of 5G’. Source: Shutterstock

5G is touted as new vertebrae for a connected world of autonomous vehicles, smart cities, virtual reality entertainment.

From agriculture to viticulture, and everything in between, every industry has exciting use cases that are built on the theoretical capabilities of 5G’s real-time data transfer, high capacity, and faster service.

But not all the hype around the ‘next-gen’ cellular technology has been positive.

The stripping of Huawei equipment from the UK telecom infrastructure has set deployment back by up to three years. Not to mention the wild conspiracy theories surrounding 5G’s link to the coronavirus which saw cell towers set ablaze.

As reported by ZDNet, renewed concerns around the security readiness of 5G suppliers were highlighted at Black Hat Asia this week, as researchers demonstrated how attackers could take advantage of a “decades-old protocol” to exploit 5G networks.

The statement was made as countries race to deploy 5G infrastructure in a bid for their economies to leverage some of those aforementioned benefits, before rivals, with download speeds up to 100x faster than 4G. By 2024, 5G networks are expected to cover 40% of the world, handling 25% of all mobile data traffic. 5G-ready devices are already being rolled out, by the end of 2024, there is projected to be 1.5 billion 5G mobile subscriptions.

Amid the goldrush, security has taken a backseat. The report described security considerations by 5G suppliers and telecoms firms as “fragmented and bolted-on telecoms technologies, protocols, and standards” which are leaving “gaping holes” for exploitation.

According to Positive Technologies’ security expert Sergey Puzankov speaking at the event, outstanding issues in protocol SS7, which were developed in 1975, have not advanced significantly. The firm found, in 2014, that flaws could be exploited and used to carry out attacks, including bypassing two-factor authentication (2FA) and intercepting phone calls.

Puzankov demonstrated how attackers could leverage the vulnerabilities to commit financial fraud by signing up subscribers to value-added services without consent.

The SS7 protocol among others is in continued usage as they enable a seamless experience for customers when they shift between 3G, 4G, and 5G. The result, said Puzankov, is an unsecured “mishmash of technologies, protocols, and standards in telecom”.

Intruders, therefore, have multiple angles of attack by leveraging multiple protocols. Attackers can begin with a malicious action in one protocol and continue in another, following specific combinations of actions and a mix of network generations.

While vendors are aware of the issues and are implementing a broad variety of security measures, including firewalls and security audits, they don’t go far enough.

“It is still possible for attacks to take place on well-protected networks,” said Puzankov, having demonstrated several routes to entry.

“In most cases, operators can protect their networks better without [additional] cost. They just need to check if their security tools are effective when new vulnerabilities are reported.

The demonstration at Black Hat Asia certainly isn’t the first time concerns have been raised about how the rush to deploy 5G could lead to serious security flaws. IRM’s Risky Business report outlined how 5G will produce a larger attack surface as more distributed network data centers get deployed.

“The vulnerabilities in 5G appear to go beyond wireless, introducing risks around virtualized and cloud-native infrastructure.”

The report noted that in order to drive 5G deployment, a secure infrastructure strategy is vital, but ‘white box’ hardware will be critical to lowering the total cost of ownership.

“It’s not known whether such hardware has the right security solutions, so implementing device security practices will be critical to making this model work,” read the report.