One of the biggest features of 5G is a security minefield
True 5G WiFi Data, with its ultra-fast speeds and enhanced security precautions, was slow to be adopted around the world. With the proliferation of mobile technology – the combination of enhanced speed and bandwidth with low-latency connections – one of its most touted features is beginning to come into focus. However, the upgrade comes with a number of potential security risks.
A vast new population of 5G-enabled devices, from smart city sensors to farming robots and beyond, will gain the ability to connect to the internet in places where Wi-Fi isn’t practical or available. Individuals can even choose to trade their fiber internet connection for a home 5G receiver. But the interfaces that network operators have set up to manage Internet-of-Things data are riddled with security gaps, according to a study that will be presented on Wednesday at the Black Hat security conference in Las Vegas. And these vulnerabilities could haunt the industry over the long term.
After years of investigating potential security and privacy issues with radio frequency standards for mobile data, Altaf Shaik, a researcher at Technische Universität Berlin, says he was curious to examine the application programming interfaces (APIs) that network operators offer to make IoT data accessible to developers . These are the channels that applications can use to get real-time bus tracking data, for example, or information about inventory in a warehouse, for example. Such APIs are ubiquitous in web services, but Shaik notes that they are not widely used in core telecom offerings. Looking at 5G IoT APIs from 10 wireless carriers around the world, Shaik and his colleague Shinjo Park found common, well-known API vulnerabilities in all of them, and some could be exploited to gain authorized access to data or even direct access to IoT devices to get on the network.
“There is a huge knowledge gap. This is the beginning of a new type of attack in telecoms,” Shaik told WIRED ahead of his presentation. “There’s a whole platform where you get access to the APIs, there’s documentation, everything, and it’s called something like ‘IoT Service Platform’. Every operator in every country will sell them if they don’t already, and there are also virtual operators and subcontractors, so there will be a lot of companies offering this type of platform.”
IoT service platform designs are not specified in the 5G standard and can be created and deployed by any network operator and company. That means there are big differences in their quality and implementation. In addition to 5G, upgraded 4G networks may also support some IoT expansion, expanding the number of carriers that may offer IoT service platforms and the APIs that serve them.
Researchers bought IoT plans from the 10 carriers they analyzed and received dedicated data-only SIM cards for their networks of IoT devices. This way, they had the same access to the platforms as any other customer in the ecosystem. They found that fundamental flaws in setting up the APIs, such as weak authentication or lack of access controls, could leak SIM card identifiers, SIM card secret keys, the identity of the SIM card buyer and their billing information. And in some cases, researchers were even able to access large streams of other users’ data, or even identify and access their IoT devices by sending or replaying commands they couldn’t have controlled.