True 5G wireless data, with its blazing-fast speeds and strong security protections, has been slow to roll out globally. As mobile technology proliferates, combining expanded speed and bandwidth with low-latency connections, one of its most touted features is beginning to come into focus. But the upgrade comes with its own set of potential security exposures.
A massive new population of 5G-enabled devices, from smart city sensors to agricultural robots and beyond, are gaining the ability to connect to the internet in places where Wi-Fi isn’t convenient or available. Individuals can even choose to trade in their fiber optic internet connection for a home 5G receiver. But the interfaces operators have in place to manage IoT data are riddled with security holes, according to research to be presented Wednesday at the Black Hat Security Conference in Las Vegas. And these vulnerabilities could hurt the industry in the long run.
After years of examining potential security and privacy issues in mobile data radio frequency standards, Altaf Shaik, a researcher at the Technical University of Berlin, said he was curious to investigate programming interfaces of applications (APIs) offered by operators to make IoT data accessible to developers. These are the conduits that applications can use to pull, for example, real-time bus tracking data or stock information in a warehouse. These APIs are ubiquitous in web services, but Shaik points out that they haven’t been widely used in basic telecommunications offerings. By examining the 5G IoT APIs of 10 mobile operators around the world, Shaik and his colleague Shinjo Park discovered common and widely known API vulnerabilities in each of them, and some could be exploited to obtain a authorized access to data or even direct access to IoT devices. on the network.
“There is a huge lack of knowledge. This is the start of a new type of attack in telecommunications,” Shaik told WIRED ahead of his presentation. “There’s a whole platform where you have access to APIs, there’s documentation, everything, and it’s called something like ‘IoT Service Platform.’ Every operator in every country is going to sell them if they don’t already, and there are also virtual operators and contractors, so there will be a ton of companies offering this type of platform.
The designs of IoT service platforms are not specified in the 5G standard and it is up to each operator and company to create and deploy them. This means that there is a wide variation in their quality and implementation. In addition to 5G, upgraded 4G networks can also support some IoT expansion, increasing the number of carriers that can offer IoT service platforms and the APIs that power them.
The researchers purchased IoT plans on the 10 carriers they analyzed and obtained special data-only SIM cards for their networks of IoT devices. This way, they had the same access to the platforms as any other customer in the ecosystem. They found that basic flaws in API configuration, such as weak authentication or missing access controls, could reveal SIM card IDs, SIM card secret keys, the identity of who purchased which card. SIM and their billing information. And in some cases, researchers could even access large streams of data from other users or even identify and access their IoT devices by sending or replaying commands they shouldn’t have been able to control.