Positive Technologies has issued an analytical report on fundamental security flaws in the 4G network core, known as Evolved Packet Core (EPC)
Detected vulnerabilities pose a threat to intelligent traffic lights and street lighting; electronic road signs; information displays at bus stops; and other smart city features that are commonly connected to mobile networks of the fourth generation. Positive Technologies revealed these flaws in mobile networks, which are also relevant to future 5G networks, as part of security assessment conducted in 2016 and 2017.
Vulnerability exploitation techniques specified in the report are based on flaws of the GTP protocol. They do not require an attacker to possess any sophisticated tools or skills, instead they simply need a laptop, a free software installer for penetration tests, and basic programming skills.
"Many cities optimise road traffic by introducing smart traffic lights that are often networked together using 4G technologies. If such a network is hacked and denial of service hits just a few traffic lights, for example, this may lead to road accidents and traffic at a standstill," states Pavel Novikov, Head of Research Group for Telecom Security from Positive Technologies. "That is why mobile operators involved in city automation should pay particular attention to methods of preventing network threats."
The detected vulnerabilities pose a threat to both Industrial Internet of Things (IIoT) devices connected to mobile networks, self-driving cars, and other IoT objects. Analysts estimate that by 2022, the number of IoT devices connected to mobile networks will increase from 400 million to 1.5 billion. Ordinary mobile users are no exception, as they also suffer from security flaws: attackers may spy on mobile subscribers, eavesdrop on VoLTE calls, or intercept internet traffic and SMS messages (for example, those that contain one-time bank passcodes).
These attacks can be carried out by employees of virtually any telecom operator and by external attackers who gain access to the operator's infrastructure. Entry can be gained by, for example, password bruteforcing or exploiting the smallest vulnerabilities in the network perimeter. In some cases, attacks can even be implemented from a subscriber's mobile phone.
To combat these threats, Positive Technologies recommends analysing security of the mobile network and applying measures to protect data from unauthorised access: for example, encryption can be used. Moreover, applying special instruments for monitoring, analysing, and filtering of messages that cross network boundaries will increase security of the network and its subscribers.
Recently, Positive Technologies published a report devoted to vulnerabilities of another key protocol of 4G and 5G networks, Diameter.