Flaws in Diameter signalling protocol make all 4G networks prone to denial-of-service attacks
The protocol is used to authenticate message and information distribution in 4G networks
A security assessment of the Diameter signalling protocol performed by the researchers at Positive Technologies shows that all existing 4G networks are susceptible to denial-of-service (DoS) attacks.
According to researchers, this protocol is marred by several architectural flaws, which could allow hackers to launch targeted DoS attacks against 4G subscribers, track their location, and obtain their confidential information.
Diameter signalling protocol is a vital component in 4G networks. It is used to authenticate message and information distribution in 4G networks while also facilitating communication between the network elements of Internet Protocol.
In the current study, researchers attempted to infiltrate 28 telecommunications networks across Europe, Asia, South America, and Africa between 2018 and 2019 and reported success in each of their attempts.
They explored different types of attacks, including denial of service (DoS) attack, attempts to circumvent restrictions imposed by operators to allow fraudulent usage, and intercepting SMS.
DoS was found to be the easiest form of attack, facilitated by architectural flaws existing in the Diameter protocol.
"Every tested network was vulnerable to denial of service," the researchers revealed.
Test attacks resulted in dropped or slower Internet connections and prevented the subscriber from using the Internet. In some cases, the subscriber device was even downgraded to 3G mode.
Other flaws in the protocol allowed testers to track the location of the subscriber (in 89 per cent of the cases).
They also successfully obtained sensitive subscriber information and were able to bypass restriction on mobile services.
"In most cases, the testers successfully accessed subscriber profiles."
That happened because of telecommunication networks not paying attention "to consider the actual location of a subscriber when receiving signalling traffic from an external network".
The researchers caution that these security flaws will continue to exist in upcoming 5G networks, which are built on the top of existing 4G architecture and use the same LTE network core.
Because of the vulnerabilities, the 5G subscribers could see their service downgraded to insecure 3G networks.
"5G networks currently have the non-standalone architecture, which is based on 4G."
"Attempts to implement security as an afterthought at later stages may cost much more: operators will likely need to purchase additional equipment, at best. At worst, operators may be stuck with long-term security vulnerabilities that cannot be fixed later."
More on Threats and Risks
Surge in attacks from China-linked APT41 targeting unpatched Citrix servers and Cisco routers
APT41 attacks carried out between January and March targeted unsecured Citrix NetScaler servers and Cisco routers
More ransomware groups threaten to publish data stolen data from non-payers
More and more ransomware groups are starting to steal data before encryption in order to blackmail their victims into paying up
Easy availability of ICS hacking tools poses major threat to industrial sector, researchers warn
Most tools are 'vendor agnostic' and can target products from some of the largest ICS original equipment manufacturers, warns FireEye
Spanish hospitals targeted with coronavirus-themed phishing lures in Netwalker ransomware attacks
Groups behind Netwalker switched phishing baits to coronavirus last week - as other ransomware groups pledged to avoid medical facilities
Microsoft: Two zero-day vulnerabilities in Windows Adobe Type Manager Library are actively being exploited
All supported versions of Windows operating system are affected
Most read
