The 5G networks are a reality and are increasingly present in major cities. It is true that there is still a long way to go to reach a large part of the territory, in addition to that there are not many users who have a compatible device, but little by little it is gaining more weight. In this article we echo some flaws that have been detected in this type of mobile network and that would allow an attacker to find out the user’s location, as well as steal data.
New failures in 5G networks put security at risk
Security is a very important factor for users when browsing the net. No matter the type of device we use, there can always be certain vulnerabilities and problems that are exploited by attackers. In this case it is a series of vulnerabilities that are present in 5G networks.
With the passage of time and with a greater presence of these networks, they have also been able to analyze more the possible vulnerabilities that exist. An analysis of its architecture has revealed some possible attacks that they could suffer, such as DDoS , which would cause problems for users to access the network and even be able to intercept traffic .
These findings are part of an investigation they have carried out from Positive Technologies. Keep in mind that a few months ago they already discovered some failures that affected both LTE and 5G.
From Positive Technologies they indicate that the key elements of network security include the proper configuration of the equipment, as well as the authentication and authorization of the network elements. If any of these items fail or are not configured correctly, attacks on the PFCP protocol can occur. This could lead to the disclosure of subscriber authenticators and information.
Man-in-The-Middle Attacks
Although 5G offers different security benefits, with different encrypted transport layer protocols, they could have potentially vulnerable technologies that could open the door to Man-in-The-Middle and DDoS attacks .
One such problem is the system architecture of the interface dedicated to interface sessions through a protocol called Packet Forwarding Control Protocol (PFCP).
This failure consists in that a hypothetical attacker could send a PFCP packet requesting the modification or elimination of the session, causing a denial of service with which they would be able to interrupt Internet access. This bug has received a CVSS score of 6.1. It could also allow intercepting web traffic, which has been given a CVSS 8.3 score.
On the other hand, from Positive Technologies they have also discovered a couple of subscriber vulnerabilities that can be exploited to reveal the Permanent Subscription Identifier (SUPI) assigned to each subscriber and serve the end user using the authentication information filtered through the impersonation of a Base station.
With this they could even know the location data. They have given it a CVSS score of 7.4.
Another flaw discovered is where an attacker can impersonate the Access and Mobility Management Function (AMF) module that takes care of subscriber registration on the network by using subscriber identification information to create new sessions. Internet services for which the subscriber will be billed without their knowledge (CVSS score 8.2).
In short, although we can say that 5G technology is more secure and brings important changes, it is true that there are still vulnerabilities that must be controlled. We leave you an article with the characteristics of 5G .