Tip of the iceberg: the price of software-defined networks couldĀ be endless hackers, ransom demands and eternal vigilantes
Every big Radio Access Network (RAN) software rollout runs the risk of major T-Mobile style breachesĀ in future if weak spotsĀ are not addressed at the time of development, according to telecoms security specialist Positive Technologies (PT).
In its latest study it found at least 50 methods for exploiting telecoms vulnerabilities and dozens of brand new cybersecurity flaws in telecoms systems.
The price of software-defined networking will be eternal vigilanceĀ and security must be coded into every component of 5G software, according to Gustavo Konte, an engineer securing Latin America for PT.Ā A third of the world’sĀ organisations have been held to ransom and the vulnerable infantĀ networks of mobile operators offer a temptingĀ target forĀ predators. Ā
āSecurity in particular must be integral from the beginning,ā said Konte.Ā
According to PT, mobile network infrastructure builders across the globe are making the same compromises in the 5G installation race. A new generation of transmitters is being set up in haste, accepting any cyphering methods and parameters as long as they’re fully functioning as soon as possible. The assumption is that security can be hardened in retrospect.Ā
āCorporations like Verizon, which is using AI and other advances to identify specific deployment locations for its midband rollout, will obviouslyĀ strive to build a secure network before accepting subscriber traffic,ā said Konte.
Whatās best for capacity isnāt always best for security, Konte warned. In some high-density areas close to natural elements like mountains and lakes, the network owner might wantĀ indoor femtocell coverage, so the installer will bring the equipment closer to the subscribers in order to offer clearer transmission. While access to consumers is the priority, the network is more likely to fall victim to physical access and tampering.Ā
Transport network gives access
āThe 5G radio interface is natively more secure, but that doesnāt necessarily apply to the equipment used, or the transport networks that connect radio sites to mobile operator buildings,ā according to PTās Konte.Ā
Transport network access is another danger highlighted in PT’sĀ report since it gives attackers the chance to take down or take control of multiple 5G transmitters. This creates a denial of service to the nearest equipment, preventing the comms kit from consolidating several transmitters data traffic and routes it to the nearest core site. Hackers can also eavesdrop on calls, messages and data traffic from 5G subscribers connected to the accessed site.
Attackers could map the operatorās network, gain access to higher relevance network equipment and shut down services, PT warns.Ā These attacks are as likely to be local criminal enterprises as they are to be allegedĀ state sponsored attacks. The new access granted by insecure 5G networks is more likely to make hackers target information held by specific agencies, companies and persons, according to Konte.Ā Ā
āDomestic criminals are most likely to be responsible for attacks against telecoms equipment and mobile networks,ā said Konte, āBut this raises another point: Is the sensitivity of residents and companies considered on all transmitter deployments?āĀ
State sponsored hacker or locals?
Could domestic hackers pose as state sponsored hackers in a bid to scare off investigators?
Possibly, said Konte, because intent is the hardest factor to decipher in cyber attacks. āIf an attacker wants to monitor a local contractor and the target works for a big company or government, the attacker would seek access to their work transmitter rather than their home one. That makes it harder for cybersecurity experts to specify the target and, as a consequence, the perpetrator.āĀ
PT claims it wasĀ the first to discover security issues associated with communications protocol, Signaling Systems 7 (SS7), which can be exploited to remotely intercept phone calls and bypass 2-factor authentication for access to social media profiles.