Hackers can exploit a vulnerability in the GTP protocol for Denial of Service, fraud, and data theft attacks against any cellular network from virtually anywhere.
This is a major vulnerability that affects almost everybody who has a smartphone, because it lies in the way mobile service providers handle mobile telephony. A protocol that allows millions of customers to use their mobile phones for data applications can also allow potential hackers to launch denial-of-service (DoS), user impersonation, and fraud cyberattacks against any mobile phone user they wish.
The vulnerability lies in a protocol called GTP, and according to new research by Positive Technologies (PDF), it can affect certain 5G networks as well as all 2G, 3G, and 4G cellular infrastructures.
What is the GTP Protocol?
GTP stands for GPRS Tunnelling Protocol. It is a group of IP-based communications protocols used to carry general packet radio service (GPRS) within GSM, UMTS, and LTE networks. In layman's terms, it is used in all your mobile phone connections.
The research conducted by Positive Technologies says that the GTP protocol contains a number of vulnerabilities threatening both mobile operators and mobile users. As a result, attackers can interfere with network equipment and leave an entire city without communications, impersonate users to access various resources, and use network services at the expense of the operator or subscribers. Every network tested was vulnerable to DoS, impersonation, and fraud.
The report adds that the risk level should be regarded as high: in some cases, an attack can be performed just by using a mobile phone. Faults in the GTP protocol directly impact 5G networks. At the moment, 5G Non-Standalone networks are deployed on the EPC core network. Therefore, all these threats also apply to current 5G networks. The GTP protocol will partially remain in the Standalone architecture, so its security vulnerabilities are applicable to current 5G technology being deployed.
The bad part is that the vulnerabilities lie in the protocol’s architecture rather than its implementation, making them difficult to mitigate. If the vulnerability is exploited in the wild, we may soon have a situation where hackers could bring down a whole city’s mobile infrastructure by using this technique.
However, Positive Technologies recommends that mobile service providers should filter traffic at the GTP level and implement GSMA security recommendations as soon as possible.
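To illustrate what filtering at the GTP level can mean in practice, the following Python example (added here, not code from Positive Technologies or the GSMA) parses the GTPv2-C header of a control-plane datagram and drops anything that comes from an unknown peer, is malformed, or carries an unexpected message type. The peer range, the set of allowed message types and the function names are assumptions made for this example, and it covers only GTPv2-C, not the GTPv1 used in 2G/3G.

```python
import ipaddress
import struct

# Assumed policy for this example (not from the report): the GTP-C peers we
# expect on the roaming interface, and the message types accepted from them.
ALLOWED_PEERS = [ipaddress.ip_network("198.51.100.0/24")]  # constructed range
ALLOWED_TYPES = {1, 2, 32, 33, 34, 35, 36, 37}  # Echo, Create/Modify/Delete Session


def parse_gtpv2c(payload: bytes) -> dict:
    """Parse the fixed GTPv2-C header (payload of a UDP port 2123 datagram)."""
    if len(payload) < 8:
        raise ValueError("truncated header")
    flags, msg_type, length = struct.unpack("!BBH", payload[:4])
    version, has_teid = flags >> 5, bool(flags & 0x08)
    if version != 2:
        raise ValueError(f"unsupported GTP version {version}")
    # Length counts everything after the first 4 octets. Piggybacked
    # messages (P flag) are not handled here and fail this check.
    if length + 4 != len(payload):
        raise ValueError("length field does not match datagram size")
    if has_teid:
        if len(payload) < 12:
            raise ValueError("truncated header")
        teid = struct.unpack("!I", payload[4:8])[0]
        seq = int.from_bytes(payload[8:11], "big")
    else:
        teid, seq = None, int.from_bytes(payload[4:7], "big")
    return {"type": msg_type, "teid": teid, "seq": seq}


def filter_gtpc(src_ip: str, payload: bytes) -> tuple[str, str]:
    """Return ("allow" | "drop", reason) for one GTP-C datagram."""
    if not any(ipaddress.ip_address(src_ip) in net for net in ALLOWED_PEERS):
        return "drop", "source is not a known GTP peer"
    try:
        hdr = parse_gtpv2c(payload)
    except ValueError as exc:
        return "drop", f"malformed: {exc}"
    if hdr["type"] not in ALLOWED_TYPES:
        return "drop", f"message type {hdr['type']} not permitted"
    return "allow", "ok"


# Constructed sample: Create Session Request header (type 32), TEID 0, seq 1, no IEs.
SAMPLE = bytes([0x48, 32, 0x00, 0x08]) + (0).to_bytes(4, "big") + (1).to_bytes(3, "big") + b"\x00"
```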