sb-as logo
Story image

2G and 3G networks are 'open doors' for cyber attacks

2G and 3G networks could be putting the public at risk, according to research released today by Positive Technologies. 

Due to vulnerabilities in the SS7 protocol, 2G & 3G networks are opening the door for hackers to potentially track a customer’s every move, listen in on calls, intercept SMS messages, instigate fraud or even strip them of service. 

The research is based on the networks of 28 telecom operators across Europe, Asia, Africa and South America between 2018–2019. 

In the study, researchers simulated the actions of a potential intruder to reveal the flaws in the SS7 protocol which is used to receive and distribute signalling messages. 

The risks lie in that cybercriminals can potentially buy access to SS7 networks illegally on the dark web, as well as their notoriously flawed architectural security.

“From a customer’s point of view, it’s scary to think that the vulnerabilities in the network won’t mean that you know if your phone has been affected,” says Positive Technologies chief technology officer Dmitry Kurbatov. 

“Messages, calls and your location can be tracked without your knowledge. 

“Therefore, it's the operators' responsibility to stand guard and have visibility of their networks to be able to identify existing vulnerabilities and develop measures to mitigate the impact of these threats.”

Security researchers have warned about SS7 for decades, however, the vulnerabilities have become more severe in recent years, as identified by researchers involved in the study.

The report found that in the last three years, the percentage of vulnerable networks has increased in nearly all threat categories such as information disclosure, location disclosure, interception of calls, fraud and subscriber DoS.

While the security of SS7 had been improving, progress has stalled. Operators have become so distracted by 5G, which promises to bring super high speed and ultra-low latency benefits to customers, that they have neglected the risk of 2G and 3G not being protected, says Positive Technologies.

“Although there are talks amongst mobile operators to retire and shut down their 2G and 3G networks, the GSMA reports that these previous generation networks will still be available to the public over the next five years,” says Kurbatov.

“This means SS7 won’t be a thing of the past anytime soon. 

“Whilst operators have been hasty in turning their attention away from 2G and 3G, the reality is the newer networks are also built using previous generation networks infrastructure, meaning they are plagued with the same SS7 security issues. 

“For example, some 4G features are still dependent on 2G/3G systems, including sending SMS messages and establishing call connections.

“What’s shocking is that according to ENISA, only 30% of EU telecom operators have implemented GSMA recommendations,” says Kurbatov.

Kurbatov adds there are several approaches to combat the threats.

“The first step is to make sure the right processes are in place to make ensure operators don’t have any blind spots in their mobile networks. 

“Only with a comprehensive approach, which includes regular monitoring of any anomalies to detect illegitimate activities and by following GSMA guidelines, can operators ensure a higher level of protection against criminals. 

“Operators need to learn from lessons of the past to avoid making the same mistakes with 4G and 5G.”

Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
Insider threat report reveals deception in the workforce
Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.More
Story image
Why best-practice threat data management provides confident automation
Understanding an organisation’s threat landscape requires having both the right threat data sources and the proper prioritisation to derive actionable threat intelligence for your organisation. More
Story image
COVID-19 crushes fingerprint reader market
However, the biometrics market is expected to regain momentum with alternatives already beginning to find their feet.More
Story image
Secureworks: Remote working exposes new security vulnerabilities
New vulnerabilities have been exposed as IT teams across the world respond to the ongoing COVID-19 pandemic.More