All mobile networks are vulnerable to either SS7 or Diameter flaws
The cyber-security firm says that from all the mobile networks it analyzed in the past years, since it began looking into SS7 and Diameter vulnerabilities, all mobile networks it examined are vulnerable to one or another, or both, leading to unique cases where any mobile networks it inspected ws vulnerable to some sort of network-level hacking.
... ... ...
....
..
Positive Technologies warns that with the rise of Internet of Things devices, some of which rely on 4G connections when a WiFi network is not in range, such flaws are the equivalent of having an open door for hackers to target such equipment via the 4G network.
"Such frightening consequences are only the tip of the iceberg," experts wrote in their latest Diameter report. The company, which is known for providing security testing and monitoring of mobile networks, urges 4G operators to get with the times and invest into the security of their networks.
The "Diameter Vulnerabilities Exposure Report 2018" is available for download
here. Positive Technologies previous analyzed the SS7 protocol
in 2016 and the Diameter protocol
in 2017.
In March 2018, ENISA (European Union Agency for Network and Information Security) published an
official advisory about SS7 and Diameter vulnerabilities in modern 4G networks.
Last week, a team of academics disclosed a set of
vulnerabilities in 4G (LTE) networks at the "data layer," the one responsible for data transfer, and not the signal level where Diameter is located at.