Unveiling the ghosts of mobile networks: When will old bugs die?

By Altaf Shaik on 20 Sep 2024 @ 44con
📹 Video 🔗 Link
#5g #authentication #encryption #data-leak #threat-modeling #zero-trust
Focus Areas: 🔒 Data Privacy & Protection, 🔑 Cryptography, 📞 Telecommunications Security, 🪪 Identity & Access Management, 🏗️ Security Architecture, 🌐 Web Application Security

Presentation Material

Abstract

Mobile networks, once hailed as technological marvels, have danced with vulnerabilities that refuse to fade away. From SMS phishing to the silent whispers of IMSI catchers, the haunting symphony includes phone tapping, death by SMS, data leaks over SS7/Diameter interfaces, data fraud, SIM jacking, and SIP spoofing. Join me in a captivating talk where we dive into the surreal world of persistent vulnerabilities that still lurk in the shadows of mobile networks, even in the midst of 5G.

Embark on a journey through my research, where I’ve delved into the relevance, wild occurrences, attack success probabilities, impact, and the haunting ease of fixing these old vulnerabilities. Overall, the research reveals a substantial gap between theoretical security frameworks and their practical implementation, particularly in 5G and LTE technologies. A staggering 80% of networks tested across North America, Europe, Asia, and the Middle East exhibit these vulnerabilities. Implementing systematic testing and mitigation measures can address many of these vulnerabilities, fortifying networks against large-scale attacks that could escalate with the interconnection of 5G networks.

This isn’t just a talk; it’s an exploration into the ghostly persistence of mobile network vulnerabilities and a questioning gaze into the future. Will the zero-trust and security-by-design mantras of 5G shield us entirely, or will they birth new specters of vulnerability through private networks and open RAN? When will the echoes of these old bugs finally fade away?

AI Generated Summary

The talk addresses persistent security vulnerabilities across generations of mobile telecommunications networks (2G through 5G), arguing that vendors often apply superficial patches rather than addressing root causes, leading to the recurrence of classic attack vectors in newer technologies.

Key findings reveal systemic issues in authentication, encryption, and privacy. Authentication is performed infrequently, so cryptographic keys are reused for long periods instead of being regenerated regularly, a problem observed in 2G, 3G, and 4G networks. Encryption downgrade attacks remain feasible; many networks still support weak or null algorithms (e.g., A5/0), allowing interception. Privacy protections, such as the randomness of temporary identifiers (TMSIs), are poorly implemented, with predictable allocation patterns recurring even in 5G standalone networks. SMS infrastructure is vulnerable to spoofing, silent SMS tracking, and fraud, with insufficient filtering at the network or device level. Infrastructure exposure was also documented, including accessible maintenance portals (SSH) and unrestricted reconnaissance traffic from subscriber devices.
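The summary's point about predictable TMSI reallocation is the kind of finding the talk's "systematic testing" can catch with a simple statistical check on identifiers observed on the tester's own device during an authorized assessment. The following is an added example, not code from the talk or the speaker; the sample TMSI sequences are constructed (a counter-like allocator with a fixed top byte versus a seeded pseudo-random one), and the thresholds (`min_byte_entropy`, `max_sequential`) are assumptions chosen for illustration.

```python
"""Assess whether a sequence of observed TMSI reallocations looks random.

Constructed example: the checks flag three signatures of a predictable
allocator described in the talk summary - counter-like increments,
bit positions that never change, and low per-byte entropy.
"""
import math
import random
from collections import Counter

TMSI_BITS = 32


def shannon_entropy(values):
    """Shannon entropy (bits) of the empirical distribution of `values`."""
    n = len(values)
    counts = Counter(values)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def sequential_fraction(tmsis, max_step=16):
    """Fraction of consecutive reallocations that advance by a small positive
    step (1..max_step), the signature of a counter-based allocator."""
    pairs = list(zip(tmsis, tmsis[1:]))
    if not pairs:
        return 0.0
    seq = sum(1 for a, b in pairs if 0 < b - a <= max_step)
    return seq / len(pairs)


def constant_bit_positions(tmsis):
    """Bit positions (0 = LSB) whose value is identical in every sample.
    A bit is constant iff it is set in all samples (AND) or in none (OR)."""
    all_and = 0xFFFFFFFF
    all_or = 0
    for t in tmsis:
        all_and &= t
        all_or |= t
    return [i for i in range(TMSI_BITS)
            if ((all_and >> i) & 1) == ((all_or >> i) & 1)]


def byte_entropies(tmsis):
    """Per-byte entropy, most significant byte first."""
    return [shannon_entropy([(t >> (8 * i)) & 0xFF for t in tmsis])
            for i in range(3, -1, -1)]


def assess_tmsi_sequence(tmsis, min_byte_entropy=2.0, max_sequential=0.25):
    """Return metrics plus a 'predictable' verdict and human-readable findings.
    Thresholds are illustrative assumptions, not values from the talk."""
    findings = []
    seq = sequential_fraction(tmsis)
    if seq > max_sequential:
        findings.append(f"{seq:.0%} of reallocations advance by a small step "
                        "(counter-like allocation)")
    const = constant_bit_positions(tmsis)
    if const:
        findings.append(f"{len(const)} bit positions never change: {const}")
    ents = byte_entropies(tmsis)
    low = [i for i, e in enumerate(ents) if e < min_byte_entropy]
    if low:
        findings.append(f"low entropy in byte position(s) {low}: "
                        f"{[round(e, 2) for e in ents]} bits")
    return {
        "samples": len(tmsis),
        "sequential_fraction": seq,
        "constant_bits": const,
        "byte_entropy": ents,
        "predictable": bool(findings),
        "findings": findings,
    }


# Constructed sample 1: counter-like allocator, fixed top byte, step of 1.
PREDICTABLE_TMSIS = [0xC0001000 + i for i in range(32)]

# Constructed sample 2: seeded PRNG stands in for a properly random allocator.
_rng = random.Random(20240920)
RANDOM_LOOKING_TMSIS = [_rng.getrandbits(32) for _ in range(32)]


if __name__ == "__main__":
    for label, seq in (("counter-like", PREDICTABLE_TMSIS),
                       ("random-looking", RANDOM_LOOKING_TMSIS)):
        report = assess_tmsi_sequence(seq)
        verdict = "PREDICTABLE" if report["predictable"] else "ok"
        print(f"{label}: {verdict}")
        for f in report["findings"]:
            print("  -", f)
```

With only a few dozen samples the per-byte entropy can never exceed log2(n) bits, so the threshold should scale with the sample size in a real assessment; the fixed 2.0 here is enough to separate a constant byte from a varying one.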

The research demonstrates that legacy protocols (SS7, Diameter, GTP) and architectural flaws persist in 5G, which additionally expands the threat landscape by integrating with IT protocols (HTTP/2, JSON) and supporting critical verticals. While 5G standards incorporate stronger mechanisms like TLS and IPsec, real-world deployments often misconfigure or bypass security features such as integrity protection. The practical implication is that mobile network security has not fundamentally improved across generations; core design and implementation flaws remain, exposing users to interception, tracking, and service disruption. The speaker concludes that robust security must be prioritized from the outset in 5G and future 6G development to mitigate an increasingly complex attack surface.

Disclaimer: This summary was auto-generated from the video transcript using AI and may contain inaccuracies. It is intended as a quick overview; always refer to the original talk for authoritative content.