Mobile technologies have become part of everyday life, making them an increasingly appealing target for criminals. Some of these threats are quite well known: security researchers have long been discussing vulnerabilities in 2G and 3G networks. Traditional two-factor authentication by SMS is no longer recommended for securing critical services. However, additional threats are coming to the forefront. The main consumers of communication services are no longer people, but Internet of Things devices. IoT adoption has taken off following the deployment of 5G networks in a number of countries. The security of the IoT depends on how well mobile technologies are protected.
Each generation of mobile networks must interoperate with previous ones. As a result, newer generations tend to inherit the weaknesses of their predecessors. 5G relies on 4G networks, and 4G itself performs some functions via 2G/3G. Here we will consider the security threats to different generations of mobile networks. Our analysis is based on security testing of SS7, Diameter, and GTP networks.