4G and 5G networks are vulnerable due to their mix with old technologies
The deployment of 5G networks continues its course, and many more phones on the market are compatible with this technology. However, cybersecurity researchers believe the next step is strengthening wireless communication protection.
Despite the global epidemic, plans to use the fifth generation of wireless connectivity have continued. Operators are starting to install 5G in their services for both companies and users.
As with all new technological innovations, part of the development process includes strengthening security from potential attacks and identifying potential cornerstones that can reach cyber killers. 5G is also dangerous and not new like this, but it was developed decades ago.
During the launch of Black Hat Asia on Friday, Sergey Puzankov, a security expert at Positive Technologies. Highlighted the SS7 protocol as one of the telecommunications industry’s biggest challenges. This protocol was established in 1975 and has not changed much since then.
Also: Things to Keep in Mind Before Incorporating Modern Technologies
They are integrating technologies from different eras in which 5G is used, making it easier to find older technology gaps. Signaling System 7 (SS7) was introduced in 2014 as a protocol with serious security errors. They are making it easier for perpetrators to intercept calls and SMS than two-factor authentication (2FA).
This type of attack affects 5G and 2G, 3G, and 4G networks. In addition to disconnecting calls and SMS, cybercriminals can commit what is known as subscription fraud. It contains “random” sending to subscribers with SS7 / GTP agreements. In this way, they can apply for registration for each victim with personal information stolen from them.
“It is possible that the attack took place on well-protected networks,” Puzankov said in a statement. However, operators are already aware of this risk and are working to prevent and protect 4G and 5G networks. “In many cases, operators can better protect their networks at no additional cost. They only need to ensure that their security tools are effective in analyzing new risks,” explains Puzankov.
