Positive Technologies warned on Wednesday that bugs in the protocols used by standalone 5G network applications could expose consumers to identity stealing, impersonation, and other kinds of assaults.
Present 5G networks are non-standalone implementations built on the current 4G LTE system, however in the next five years, telecommunications providers are expected to participate significantly in the transition to standalone implementations.
And although non-standalone 5G networks are vulnerable to attacks targeting Diameter and GTP protocol bugs, it is possible to attack standalone 5G networks via HTTP/2 and PFCP protocol weaknesses, Constructive Technology states in a recently published paper.
Possible attacks will threaten customers and the network of the provider and may come from the network of the operator, the overseas roaming network, or affiliate networks that provide access to services.
The Packet Forwarding Control Protocol (PFCP), which allows subscriber connections, has security problems that could lead to service denial or redirection of traffic, causing a subscriber’s data to be downlinked by the intruder.
An intruder could submit request packages for session deletion (containing the client session identifier) or requests for session change to trigger service denial. To redirect the subscriber to the intruder, a session change request can also be used.
Such bugs may be eliminated, according to Optimistic Technology, if operators add the correct setup, provided that the device is internal.
The HTTP/2 protocol, responsible for critical network functions, is riddled by problems that might cause an attacker to impersonate a network service or erase profiles of network functions.
Attackers were able to try to register new features for the network. If the functions occur, they may create delays, or access subscriber information if they end up servicing subscribers via the attacker-controlled feature.
The attacker may impersonate a network service or access more data by obtaining the profile of a network function. If such activities are not limited, these profiles can be removed by an attacker capable of accessing network feature profiles, creating a denial of service for subscribers of the network.
Positive Technology states that other vulnerabilities, including those relating to subscriber verification, the exposure of subscriber profiles, or the production of sessions that impersonate current users, often concern standalone 5G networks.
There is a possibility that as they are being developed and providers are coming to grips with possible vulnerabilities, criminals will take advantage of standalone 5G networks. Protection issues must also be resolved by offset operators,” said Dmitry Kurbatov, CTO at Positive Technologies.