- Source|Today's headlines
- Release time|2021-01-21
Zhengdian Technology released the "5G Independent Core Security Assessment". The report discusses the vulnerabilities and threats of users and mobile network operators that stem from the use of new independent 5G network cores.
Vulnerabilities in the HTTP/2 and PFCP protocols used by independent 5G networks include the theft of user profile data, simulated attacks, and forged user authentication.
Mobile operators are currently running non-independent 5G networks based on the previous generation of 4G LTE infrastructure. Due to long-standing vulnerabilities in the Diametre and GTP protocols, these non-independent 5G networks are at risk of attacks, and these vulnerabilities were reported by Active Technology earlier this year.
Operators are gradually migrating to independent infrastructure, but this also has its own security considerations. Gartner predicts that 5G investment will exceed LTE/4G in 2022, and communication service providers will gradually add independent functions to their non-independent 5G networks.
A series of technologies in 5G may expose users and operators' networks to attacks. Such attacks can be carried out from international roaming networks, operators' networks, or partner networks that provide service access.
For example, the Packet Forwarding Control Protocol (PFCP) used to establish user connections has multiple potential vulnerabilities, such as denial of service, cutting off user access to the Internet, and redirecting traffic to attackers, allowing them to downlink user data . The correct architecture configuration, as emphasized by the Active Technology GTP Protocol Research Institute, can prevent these types of attacks.
The HTTP/2 protocol, which is responsible for the important network functions (NFs) of registering and storing configuration files on the 5G network, also contains several vulnerabilities. Using these vulnerabilities, an attacker can obtain NF configuration files and use details such as authentication status, current location, and subscriber settings for network access to simulate any network service. Attackers can also delete NF configuration files, which may cause economic losses and destroy user trust.
In this case, users will not be able to take action on the threats lurking on the network, so operators need to have sufficient visibility to prevent these attacks.
Dmitry Kurbatov, CTO of Propositive Technologies, said: “Attackers may use these networks when independent 5G networks are established and operators are addressing potential vulnerabilities. Therefore, operators must start from the offset to consider security issues.”
User attacks can cause damage to the economy and reputation, especially when vendors are highly competitive in launching 5G networks. In the face of such a variety of attacks, a robust core network security architecture is by far the safest way to protect users.
5G independent network security issues will have a more profound impact on CNI, IoT and connected cities, which will put critical infrastructure such as hospitals, transportation and public utilities at risk. In order to achieve full visibility to traffic and messages, operators need to conduct regular security audits to detect errors in the configuration of core network components to protect themselves and their users.
