The new Diameter protocol is as easy to attack as SS7
Network security researchers say the Diameter protocol used on 4G (LTE) network services and data transmission is also vulnerable to the previous SS7 SS7 standard of older standards like 3G, 2G and previous. there.
Network security researchers say the Diameter protocol used on 4G (LTE) network services and data transmission is also vulnerable to the previous SS7 SS7 standard of older standards like 3G, 2G and previous. there.
Both Diameter and SS7 (Signaling System No. 7) have the same role in the mobile network.Their purpose is to authenticate within the network and between mobile networks (network providers).
SS7 was developed from the 70s and proved to be unsafe.Therefore, when launching 4G network (LTE), SS7 was replaced by the Diameter protocol, an improved internal network protocol and will also be used on the upcoming 5G standard.
The difference between these two standards is that SS7 does not encrypt the authentication process, resulting in easy authentication messages.Diameter supports TLS / DTLS (respectively for TCP and SCTP) or IPsec.
The 4G network is often misconfigured Diameter
According to research published last month by Positive Technologies, the global mobile network is less likely to use the feature of this protocol.The incorrect use of Diameter will lead to manyvulnerabilities on 4G networks like on SS7.
Protocols used on 3G, 4G and 5G networks can all be attacked
The researchers said that the misconfiguration of the Diameter on 4G networks is different on each network but also repeated five main types of attacks:
- Revealing subscribers information
- Disclosure of network information
- Interfering with traffic subscribers
- Cheat
- Denial of service
The network security research organization said all the mobile networks they analyzed over the years are likely to be attacked through one or both of these protocols.Positive Technologies warns the development of IoT devices, some use 4G connectivity when there is no WiFi and can open the door for the attacker.
See more:
- It's time to change the definition of hackers
- Warning: Dangerous security holes in Wordpress platform, hackers can take advantage to take control of the website
- This is why you should be happy for having 5G
You should read it
- New error detection in 4G LTE protocol
- The world's first 5G network launched in Qatar
- Mobile IP (Mobile IP)
- Instructions for installing mobile networks on Windows 10
- KRACK attack breaks down the WPA2 WiFi protocol
- More than 1.7 billion cyber attacks in 2013
- Will 5G make us more vulnerable to cyber attacks?
- London will have 5G network by 2020
- Virtual mobile network - approach to research on 3G in Vietnam conditions
- Knowledge of TCP / IP network protocols
- Mobile data connection too slow? Try the following 7 network acceleration techniques
- How to set up wireless home network with mobile phones