Are You Completely Safe with Multi-Factor Authentication (MFA)? — Part 3

Hieu Minh Ngo (Hieupc)
8 min readOct 24, 2020

“What’s Secure Today May Not Be Secure Tomorrow”- eff.org

(Read: Part 1 and Part 2)

We can say that most of today’s 5G networks, just like 4G ones, are vulnerable to the following types of attacks: — Disclosure of subscriber information including TEID (Tunnel Endpoint Identifier — GTP tunnel identifier) and location data — Spoofing, which can be used for fraud and impersonation attacks — DoS attacks on network equipment, resulting in mass disruption of mobile communication, according to Positive Technologies’ research.

Figure 1. Cybersecurity is a “must” requirement for all businesses.

Solution for businesses (Facebook, Google, Banks, Mobile Phone Operators and other online platforms)

Remember that 5G networks in the years to come, instead of being “pure,” will rely on 4G. Therefore, Mobile Phone Operator (MNO) needs to place an interconnect from the current (insecure) 4G network to the new (secure) 5G network. Putting 5G inside the current 4G roaming network exposes the next-generation network to threats. Protecting 5G starts with protecting 4G, which at most MNO is vulnerable to a range of threats. All previous-generation protocols must be secured. The network must be carefully checked for configuration errors, requiring regular assessment of the state of infrastructure security.

--

--