Attackers can take advantage of a decades-old protocol to exploit 5G networks.
Researchers at Black Hat Asia have shown how hackers can use an exploit in 5G networks because of the platform’s reliance on an old protocol from 1975.
In the global rush to deploy 5G, security appears to have received insufficient attention. The new telecom platform is still using a broad and eclectic mix of old technologies. This makes it easy for cyberattackers to penetrate 5G systems.
In this presentation, Puzankov detailed how outdated protocols like SS7 are still causing problems in the telecoms industry. “Standards reliant on SS7, a technology developed in the 1970s, still continue to dominate,” he complained.
Proven vulnerability of the SS7 protocols
Indeed, Positive Technologies has previously revealed security flaws in the SS7 protocol. Attackers could exploit these flaws to conduct various kinds of attacks, ranging from intercepting phone calls to bypassing two-factor authentication (2FA), according to the company.
Puzankov blames outdated tech for the vulnerability. “This mishmash of technologies, protocols, and standards in telecom has implications for security. Intruders are attacking mobile networks from all possible angles, in part by leveraging multiple protocols in combined attacks.”
In his presentation, Puzankov described how an attacker can take advantage of vulnerabilities in different generations of signaling protocols. He demonstrated how access to the old SS7 signaling system is enough to manipulate data on newer-generation (4G/5G) networks.
“An attacker can intercept voice calls on combined 2G/3G/4G networks,” explained Puzankov. He added that they could also commit fraud by subscribing random subscribers to VAS services.”
Cross-protocol attacks pose a threat
Puzankov presented scenarios involving “cross-protocol attacks.” This is because the attacks start with actions in one protocol and are continued by actions in a different protocol.
The exploit is not that simple. Particular combinations of actions are required or the attack to succeed.
“In most cases, operators can protect their networks better without [additional] cost,” said Puzankov. “They just need to check if their security tools are effective when new vulnerabilities are reported.”