While the industry focuses on 5G, 2G and 3G networks still vulnerable to attacks

From Positive Technologies.

Positive Technologies has published a report that analyzes security in mobile networks using the SS7 protocol. Developed in partnership with 28 telecommunications operators in Europe, Asia, Africa and South America between 2018 and 2019, the study shows that SMS tracking and interception and location attacks can be conducted through 2G and 3G networks at present.

Positive Technologies researchers simulated attack activities to evaluate possible failures in the SS7 protocol, used to receive and distribute signaling messages. According to the company, in addition to the architectural security flaws that already exist in the protocol, the risk lies in the fact that cybercriminals can illegally purchase access to SS7 networks on the dark web. In this way, 2G and 3G networks become vulnerable, allowing hackers to track every movement of a customer, listen to calls, intercept SMS messages, instigate fraud or even interrupt operator services.

"From the client's point of view, it is scary to think that there are vulnerabilities in the mobile phone network and that, even so, you won't know if your phone has been affected. That is, messages, calls and location can be tracked without your knowledge, "warns Giovani Henrique, CEO of Positive Technologies for Latin America. "It is important that mobile operators establish partnerships with companies specializing in risk mitigation to ensure the security and visibility of their networks, identify existing vulnerabilities and reduce the impact of these threats," he adds.

According to Positive Technologies experts, security researchers in the sector have warned of the risks of SS7 for decades. However, the failures have become more serious in recent years. The company claims that, in the last three years, the percentage of vulnerable networks has increased in almost all categories of threats, such as information disclosure, location, call interception, financial fraud and denial of service attacks (DoS).

"Although the security of SS7 was improving, with the concentration of operators in the implementation of 5G technology, progress has stopped and the risks of 2G and 3G networks are currently a threat," Henrique explains.

According to the executive, operators plan to close their 2G and 3G networks in the future, but the GSMA reports that these networks of the previous generation will still be available to the public in the next five years. “This means that SS7 will not be a thing of the past in the short term. In addition, the most recent networks are also designed using the network infrastructure of the previous generation, which means that they are affected by the same security problems as SS7," Henrique warns. "Some 4G functions still depend on 2G/3G systems, including sending SMS messages and establishing call connections," he explains.

According to the European Agency for Network and Information Security (ENISA), only 30% of EU operators have implemented the GSMA recommendations. This does not necessarily mean that risk mitigation plans do not work, but that the security tools in use are not enough.

"First, operators must ensure that the correct processes exist to ensure that their mobile networks do not have blind spots," says Henrique. For the executive, only with a comprehensive approach – which includes regular monitoring of any anomaly to detect illegitimate activities – and with compliance with GSMA guidelines, operators can guarantee a higher level of protection against cyber attacks. "We must be aware of 4G and 5G to avoid the same problems as in the past," he warns.

The report is the second in a four-part series on telecommunications security, in which Positive Technologies experts analyze the SS7, Diameter and GTP networks to demonstrate the extent of security problems in modern communications networks. The full document can be accessed here.

About Positive Technologies

Positive Technologies is a global cyber security company, based in Europe. Its solution for IT security in telecommunications helps network operators improve their business performance and protect their customers and services. By offering greater visibility of infrastructure vulnerabilities and guaranteeing customer services, Positive Technologies helps increase customer confidence, boost revenue with value-added security services and protect emerging telecommunications technologies, such as 5G and IoT.