What are the security threats to cellular radio networks?
The motivations for attacks against cellular networks typically fall into one of the following categories:
- attempts at unauthorised network access to get free services
- attempts at ‘grabbing’ user identities to make clones
- attempts at eavesdropping on network traffic to gain unauthorised access to information
- attempts at tracking users by eavesdropping on signalling traffic
The vulnerability of cellular systems to these threats is based mainly on the fact that they employ radio-based user connections.
Typically, the most vulnerable parts of the cellular system are those that are outside of the direct control of the network operator, this includes the UE and the air interface connection and, with the rise in popularity of Wi-Fi access to cellular services, the Wi-Fi access points and the VPNs that connect them to operator’s core network. The N3IWF (N3 Inter Working Function) node exposes interfaces to the Internet and is therefore an obvious target for unauthorized access attempts.
Cellular systems must make use of strong but practical forms of security to counter these threats. Many of the threats and mitigations faced by 5G networks are similar to those experienced by 4G networks.