Globally, organizations are anticipating (if not already reaping) some of the benefits of 5G technology. 5G is poised to transform industries and businesses within the next few years. As a result, industries that wish to take part in the conversation around 5G must consider leasing a network slice from telecom operators or setting up their own 5G campus network.
In our research, we look into the implications of developing a 4G/5G campus network for IT and OT experts who are tasked with running and maintaining factories, critical infrastructures, and other such environments. We do this by testing attack scenarios rooted in a compromised campus network, especially the core network within it. In this entry, we give an idea of these threats and their respective mitigations.
These are common attacks conducted at the IP network level, and they are well within the expertise of IT professionals. In these attack scenarios, the threat actors would have had to gain control over a core network’s potential entry points. In our research, we identify these entry points as the server hosting network services, the VM or the containers, the network infrastructure, and the base stations.
By taking control over these entry points, a threat actor would not have to be a telecom expert to launch attacks from an IP network. Even though these scenarios are not necessarily cellular network-specific, they highlight how a compromised core network can be another opening for threats that already affect industrial control systems (ICSs).
Our research revealed several attack scenarios, for which we suggest respective mitigations:
Scenario: An attacker can assign a malicious DNS to the user equipment (UE), hijack a legitimate DNS response, or simply change the DNS entry on the DNS server.
Mitigations:
Scenario: Once the telemetry or messages sent to the cloud or back-end servers are changed, analysis algorithms and statistics can be affected. An attacker can also intercept MQTT to temporarily cover up what has been done in remote sites.
Mitigation:
Scenario: The attacker writes a Modbus parser to change the Modbus function codes and data values in the packets.
Mitigation:
Scenario: If a PLC is not read/write-protected, an attacker can upload the program blocks and obtain the design. If it is protected, the attacker might still be able to reset the PLC and download a new design to sabotage the production.
Mitigations:
Scenario: Depending on the configured encryption options, an attacker sitting at the points of interception that route and forward packets between user devices and outbound networks has the opportunity to sniff RDP port 3389 or VNC port 5900 in order to log keystrokes and passwords.
Mitigations:
Scenario: An attacker installs the SIM card to their own device to gain access to the campus network, scan for vulnerabilities, or attack other devices.
Mitigation:
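For the Modbus scenario above, comparing frames captured on both sides of the core network shows what such tampering looks like to a defender. This is an added example, not code from the research; the two capture points, the pairing by transaction and unit ID, and the sample frames are assumptions constructed for illustration.

```python
import struct

# Modbus function codes that write to the device (coils/registers).
WRITE_CODES = {5, 6, 15, 16, 22, 23}

def parse_modbus_tcp(frame: bytes) -> dict:
    """Parse one Modbus/TCP ADU: 7-byte MBAP header followed by the PDU."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol id is not 0 (not Modbus)")
    if length != len(frame) - 6:
        raise ValueError("MBAP length does not match frame size")
    return {"tid": tid, "unit": unit, "function": frame[7], "data": frame[8:]}

def compare_captures(sent, received):
    """Pair frames by (transaction id, unit id) and report in-transit changes."""
    seen = {(f["tid"], f["unit"]): f for f in map(parse_modbus_tcp, received)}
    findings = []
    for raw in sent:
        s = parse_modbus_tcp(raw)
        r = seen.get((s["tid"], s["unit"]))
        if r is None:
            findings.append((s["tid"], "missing at receiver"))
        elif r["function"] != s["function"]:
            kind = "function code changed"
            if r["function"] in WRITE_CODES and s["function"] not in WRITE_CODES:
                kind += " (read became write)"
            findings.append((s["tid"], kind))
        elif r["data"] != s["data"]:
            findings.append((s["tid"], "data values changed"))
    return findings

def adu(tid, unit, function, data):
    """Build a constructed sample frame (MBAP length = unit id + function + data)."""
    return struct.pack(">HHHBB", tid, 0, len(data) + 2, unit, function) + data

# Constructed sample traffic: frames as sent by the HMI vs. as seen near the PLC.
SENT = [adu(1, 1, 3, bytes.fromhex("00000002")),      # read 2 holding registers
        adu(2, 1, 6, bytes.fromhex("00100064")),      # write register 16 = 100
        adu(3, 1, 3, bytes.fromhex("00200001"))]      # read 1 holding register
RECEIVED = [adu(1, 1, 3, bytes.fromhex("00000002")),  # unchanged
            adu(2, 1, 6, bytes.fromhex("001003e8")),  # value altered to 1000
            adu(3, 1, 6, bytes.fromhex("00200001"))]  # read turned into a write

if __name__ == "__main__":
    print(compare_captures(SENT, RECEIVED))
```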
Attacks that are cellular network-specific can only be delivered via a cellular network. These attack scenarios serve as a good starting point for narrowing the knowledge gap between the fields of IT and OT on one end and telecommunications on the other.
Our research revealed several attack scenarios, for which we suggest respective mitigations:
Scenario: An attacker uses their own telecom infrastructure to observe unencrypted communication, despite the customized APN.
Mitigations:
Scenario: If an attacker knows the phone number and the IMSI of an industrial router that supports SMS backup, the SMS command password can be brute-forced within only 10 tries.
Mitigations:
Scenario: The attacker sends a fake GTP packet to the base station if the TEID is known to them. This can, for example, allow them to bypass the firewall rules in the destination. As a result, the target device would receive the fake packet, as it would a legitimate packet.
Mitigation:
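For the GTP scenario above, one check a receiving endpoint or GTP-aware filter can apply is to accept a TEID only from the peer that the tunnel was set up with. This is an added example, not code from the research; the tunnel table, the addresses and the sample packets are assumptions constructed for illustration.

```python
import struct

G_PDU = 0xFF  # GTP-U message type that carries a user packet

def parse_gtpu(datagram: bytes) -> dict:
    """Parse the mandatory GTPv1-U header of a UDP/2152 payload."""
    if len(datagram) < 8:
        raise ValueError("shorter than the 8-byte GTP-U header")
    flags, msg_type, length, teid = struct.unpack(">BBHI", datagram[:8])
    if flags >> 5 != 1 or not flags & 0x10:
        raise ValueError("not GTP version 1 with protocol type GTP")
    if length != len(datagram) - 8:
        raise ValueError("length field does not match datagram size")
    # If E, S or PN is set, 4 more header bytes precede the inner packet.
    offset = 12 if flags & 0x07 else 8
    return {"type": msg_type, "teid": teid, "inner": datagram[offset:]}

def check_packet(outer_src: str, datagram: bytes, tunnels: dict) -> str:
    """Classify a GTP-U packet; tunnels maps local TEID -> allowed peer address."""
    try:
        pkt = parse_gtpu(datagram)
    except ValueError as err:
        return f"drop: malformed ({err})"
    if pkt["type"] != G_PDU:
        return "pass: not user data"
    peer = tunnels.get(pkt["teid"])
    if peer is None:
        return "drop: unknown TEID"
    if peer != outer_src:
        return "alert: valid TEID from unexpected peer"
    return "pass"

def gtpu(teid: int, inner: bytes) -> bytes:
    """Build a constructed G-PDU with no optional header fields (flags 0x30)."""
    return struct.pack(">BBHI", 0x30, G_PDU, len(inner), teid) + inner

# Constructed tunnel table and addresses (assumptions for this example).
TUNNELS = {0x1A2B3C4D: "10.0.0.2"}
INNER = b"constructed inner IP packet"

if __name__ == "__main__":
    for src, teid in [("10.0.0.2", 0x1A2B3C4D), ("10.0.0.99", 0x1A2B3C4D),
                      ("10.0.0.2", 0x00000001)]:
        print(src, hex(teid), check_packet(src, gtpu(teid, INNER), TUNNELS))
```

The outer source address is only as trustworthy as the transport network, so this check belongs alongside protection of the link between base station and core rather than in place of it.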
In the future, campus network technology will be deployed by more organizations and further developed to meet the evolving demands that can be fulfilled by 5G technology. As a result, organizations must adapt and prepare for more changes, particularly when updating their infrastructure to include a 5G core network. Based on our research, we can say that campus networks introduce a new field that is as significant as IT and OT: communication technology (CT).
Organizations will then need to consider this new trio of IT, OT, and CT to work with a better security framework. Meanwhile, IT and OT experts must prepare themselves for knowledge expansion amid the blurring lines of their responsibilities and the deepening role of telecom technology in industrial environments.
Here are some of our general security recommendations that organizations can consider implementing:
In our research titled “Attacks From 4G/5G Core Networks: Risks of the Industrial IoT in Compromised Campus Networks,” we give a more detailed description of the campus network and its components. The full research also provides an elaboration of the different attack scenarios and their implications.