Engineering Technologies

Combating
Group

security issues
in the 5G era

Sergey Bagrov
Member of International Expert Council
of ECEA
s.bagrov@eacp.ru
What is radically
new in 5G

Lot’s and lot’s of Way long period to support

devices to serve backward compatibility

Radio Network Side Core Network Side

 Network Evolution

1980 1991 1999 2001 2005 2010 2017

1G 2G 2.5G+ 3G 3.5G 4G 4.5G 5G

GTP
Analogue

SS7 SIP
API’s
Diameter

Constant & Continual Introduction of Additional Network Access

Now what can a Hacker do?

Track your location Steal your money

Different Protocols

Easily
Same Threats Any mobile
operator

Intercept your data, calls Get access to your

and SMS messages email and social media

From No special
anywhere skills needed
From
Take control of Perform massive denial
your digital identity GSM to 5G of service attacks
Attacks on signaling
networks is not a myth

?
https://www.forbes.com/sites/thomasbr
ewster/2017/09/18/ss7-google-
coinbase-bitcoin-hack/#2ca4aff741a4
Protocol Threat Comparisons
Positive Technologies have further research being
published very soon looking at Diameter.
Comparing 4G networks using Diameter against
earlier network generations
Possible different reasons for previous generations
out performing Diameter in certain areas.
 SS7 Threat Awareness Higher
 Diameter specific challenges

Percentage of vulnerable
networks (2017)
Threat
SS7 Diameter
networks networks

Subscriber information disclosure 100% 100%

Network information disclosure 63% 75%

Subscriber traffic interception 89% –*

Fraud 78% 33%

Subscriber denial of service 100% 100%

* In the tested networks, SMS transmission using the Diameter network was not carried out.
Successful attacks by threat types To establish voice calls in 4G networks, the SIP protocol is used.
Denial of Service

Every
network
is exposed to Denial of service
denial of service is crucial for the

internet
of things
3 hours
Subscriber down-
time in testing
 Conclusion #1
5G Non-Standalone is vulnerable to denial of service
USUAL SECURITY

Confidentiality Availability

IOT SECURITY
PRIORITIES

PRIORITIES
Integrity Integrity

Availability Confidentiality
Convergence of
telecom and IT world
2G & 3G 4G 5G
MAP/CAP  The 5G network core is
TCP/IP-based.
TCAP JSON over
DIAMETER HTTP/2  These protocols are open
SCCP and well-known.
MTP3  Tools for finding and exploiting
M3UA
MTP2
TLS QUIC vulnerabilities are available
SCTP SCTP TCP UDP to any adversary.
MTP1 IP IP IP

Physical Physical Physical Physical

Conclusion #2
Hacking 5G will be just as simple as hacking
the web or enterprise

Difficulty of bypassing the perimeter (percentage of systems) Security level (percentage of web applications)
Briefly about IoT
40 37%
35 32%
30

25
24%
20

15

10 8%
5

0
Already use Preparing Will wait Will wait as
IoT to and see long as
implement possible
IoT

GARTNER: “By 2020, over 25% of identified attacks in enterprises will involve IoT”
Conclusion #3
Millions of connected IoT devices mean
millions of potential botnet soldiers

2016 2019
Mirai, 1M potentially
500K devices vulnerable
in bot-net
What should be
addressed

Security awareness Trustworthy solutions,

is the key constant verification

Security by design is Security should

good, but implementation be comprehensive
is always different
Thanks
for attention