5G is the hot topic here around the world for a couple of months either its because of its ultra speed connectivity and being advanced than 4G or for new research showing lot of birds dying because of its radiations. And there joins another research from positive technologies that shows all the current 4G and first generation 5G networks are vulnerable to DOS attack.
" 100% of 4G networks are susceptible to denial-of-service attacks and 5G is not immune - Positive Technologies"
If you are not familiar with the word DOS, then i will explain it simple line. DOS is a kind of attack used by malicious person where lot of requests are sent from the one machine requesting for a particular source(mostly),hmmm i guess it would be better if i explain in this way. Imagine like this, you will be able to drink water only till a particular level right ? for example: 1.5 liter continuously after that what will happen ?, you willn't be able to drink or even if you drink you will feel vomiting or something right? . Servers (a group of computers) work in the same way. A Computer will be able to handle only upto a specific kind of requests so post that, it will fail for other requests. And there comes a another terms DDOS which might be useful for you at some place, this ddos is nothing but distributed denial of service. The difference is only one thing. If a attacker uses one computer then its dos and if he uses multiple to attack then its ddos.
Pretty hard to digest, uh! but how is it done? simple its because of the vulnerability exists in the Diameter base signalling protocol. What is this Diameter signal protocol ? first what is a protocol?
"A lot of the major mobile operators are already starting to roll out their 5G networks and so the industry needs to avoid repeating the mistakes of the past by having security front and center of any network design," Dmitry Kurbatov, CTO at Positive Technologies, said in a press release.
A protocol is a set of instructions that are needed to be followed by the system. And most 4G networks follows the above protocol, and this protocol performs AAA function. I.e; Authentication, Authorization and Accounting.
So, when there is a vulnerability in this protocol , imagine the consequences. Anyone can view your (subscriber) detAils, location and even redirect to insecure networks, ofcourse, its worst..
So, why 5G is affected? its just a new technology right? If we think like that, then we are wrong because the team says, the first generation 5g network is built only on top of 4G only.So,"If left unchecked, the 5G networks will not be immune from the same vulnerabilities of previous generation networks."
Any action we can take ? though we cannot take action directly, the only option available is operators has to start enforcing the specialized threat detection systems which can analyze the good one and bad signals by following GSMA guidelines and all i wish is it should be ad-hoc because IoT devices are getting increased day by day and we can't predict which network will be breached next as this is news is out.
Interested in knowing about this further?
You read this links : https://www.gsma.com/security/resources/fs-19-diameter-interconnect-security-v7-0/
Diameter Base protocol : https://tools.ietf.org/html/rfc6733
Related posts: