A vuln in the GTP protocol could allow DoS, fraud, and data theft attacks against cellular networks from virtually anywhere.

Dark Reading Staff, Dark Reading

June 12, 2020

1 Min Read

A protocol that allows millions of customers to use their mobile phones for data applications can also allow criminals to launch denial-of-service (DoS), user impersonation, and fraud cyberattacks. And according to a new report, the protocol, GTP, is as much a vulnerability for certain 5G networks as it is for 2G, 3G, and 4G cellular infrastructures.

The report, built on research by Positive Technologies engineers, says every network researchers tested has vulnerabilities that could allow a user outside the network to instigate a DoS attack, crippling access for legitimate users, stealing network services and bandwidth, or disclosing personal information for users.

The vulnerabilities are in the protocol's architecture rather than its implementation, Positive Technologies says. For defense against exploits, the researchers recommend filtering traffic at the GTP level and implementing the GSMA security recommendations.

Read more here.

VIRTUALSUMMIT_DR20_320x50.jpg

 

 

 

 

 

 

Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights