News

Positive Technologies, a global telecoms security company, has released its report: 5G signaling networks: blast from the past - which gives an overview of the current state of protection of mobile networks and implications for security of nascent 5G networks. It is the first in a series of four reports on telecom security, which will go on to look at Positive Technologies’ security testing of SS7, Diameter, and GTP networks, includes details of real hacker attacks performed in the wild and what operators can do to protect themselves.

Positive Technologies has released its report 5G Network Security: Vulnerabilities Old and New, which outlines some of the greatest risks facing 5G as networks as they begin to launch around the world. 5G promises superfast connection speeds, ultra-low latency, and greater capacity represent huge opportunities for operators to transform their businesses, allowing them to offer new services and generate revenue through previously unavailable means of monetisation. However, these opportunities will be accompanied by risks.

According to a report by Positive Technologies, flaws in the Diameter protocol can be used by an attacker to deprive subscribers of the high speeds and superior quality promised by 4G operators. In the case of many 4G-enabled devices—such as pipeline safety sensors and gas leak detectors—lack of connectivity can lead to major financial losses and life-threatening accidents.

The problem of signaling network security has moved from a theoretical threat to one actively used by criminals in the wild. According to data collected by Positive Technologies, these criminals are able to monitor the location of mobile subscribers, intercept calls, bypass billing systems, and block users. One client, a major mobile operator with tens of millions of subscribers, faces a daily onslaught of more than 4,000 cyberattacks in signaling networks

Positive Technologies has issued an analytical report on fundamental security flaws in the 4G network core, known as Evolved Packet Core (EPC)

Billions has been invested, super speed reached, yet none of the security holes have been fixed