Mobile operators will continue to be impacted by flaws in the GPRS Tunneling Protocol (GTP) even as they migrate to 5G infrastructure.
According to various reports, cyber-security companies Positive Technologies and A10 Networks have documented a litany of flaws in this legacy mobile protocol, including disclosure of subscriber information, spoofing, and denial-of-service attacks on network equipment.
What is GTP?
It is a mechanism for interconnecting different networks by creating IP-based tunnels between devices and the mobile network. Originally developed as a means of interconnecting different providers of GPRS (2.5G) communications, GTP lets users roam across different provider networks while still having access to features like SMS, MMS, WAP, and others.
As new protocols were developed, GTP kept its role inside mobile operators, acting as a link between old and new technologies.
While the protocol can be excused for not supporting encrypted communications in an age when such a feature was not common, GTP also didn't support something as rudimentary as "sender authentication."
This means that anyone can send a GTP packet containing false data to a mobile telco's GTP infrastructure, and the mobile operator will process the packet as if it were genuine traffic, with no way of confirming that it came from one of its legitimate users.
Building on this basic design flaw, security researchers have over the past years revealed different ways to abuse GTP across 2.5G, 3G, 4G, and now 5G.
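The missing sender authentication is visible in the packet header itself. The following is an added example, not code from the original article or from either vendor: it parses the GTPv2-C header used on 4G networks (UDP port 2123) and applies the one check a receiver can make, an allowlist on the outer source address. The peer range, function names and sample packet are constructed for illustration.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

# Assumption: the only peers we expect GTP-C from (documentation range, constructed).
ALLOWED_PEERS = [ipaddress.ip_network("192.0.2.0/28")]

@dataclass
class Gtpv2Header:
    version: int
    msg_type: int
    length: int
    teid: Optional[int]
    sequence: int

def parse_gtpv2c(payload: bytes) -> Gtpv2Header:
    """Parse the fixed GTPv2-C header (3GPP TS 29.274) from a UDP payload."""
    if len(payload) < 8:
        raise ValueError("shorter than the minimum GTPv2-C header")
    flags, msg_type, length = struct.unpack_from("!BBH", payload, 0)
    version = flags >> 5
    if version != 2:
        raise ValueError(f"not GTPv2 (version field = {version})")
    has_teid = bool(flags & 0x08)  # T flag: a TEID follows the length field
    hdr_len = 12 if has_teid else 8
    # The length field counts everything after the first four octets.
    if len(payload) < hdr_len or length != len(payload) - 4:
        raise ValueError("length field does not match the datagram")
    teid = struct.unpack_from("!I", payload, 4)[0] if has_teid else None
    seq_off = 8 if has_teid else 4
    sequence = int.from_bytes(payload[seq_off:seq_off + 3], "big")
    return Gtpv2Header(version, msg_type, length, teid, sequence)

def screen(src_ip: str, payload: bytes) -> str:
    """Return 'accept', 'drop-unknown-peer' or 'drop-malformed'."""
    # The header carries no signature or sender identity, so the outer
    # source address is the only thing a receiver can compare against.
    if not any(ipaddress.ip_address(src_ip) in net for net in ALLOWED_PEERS):
        return "drop-unknown-peer"
    try:
        parse_gtpv2c(payload)
    except ValueError:
        return "drop-malformed"
    return "accept"

# Constructed sample: Create Session Request (type 32), TEID 0, sequence 1, no IEs.
SAMPLE = bytes([0x48, 32, 0x00, 0x08]) + bytes(4) + (1).to_bytes(3, "big") + b"\x00"
```

Because GTP-C runs over UDP, an allowlist like this only helps when the border also filters spoofed source addresses.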
For its report, Positive Technologies carried out security audits of 28 mobile operators in Europe, Asia, Africa, and South America. The audits took place in 2018 and 2019, with researchers looking at both 4G and 5G network designs, at numerous protocols, barring GTP.
Most of the networks they examined were susceptible to the old GTP attacks, irrespective of whether the telcos were running 4G or 5G setups.