source: [infradata: Diameter protocol has same vulnerablities as SS7 standard](https://www.infradata.com/news-blog/diameter-protocol-has-same-vulnerablities-as-ss7-standard/)
32
+
source: [infradata: Diameter protocol has same vulnerablities as SS7 standard](https://www.infradata.com/news-blog/diameter-protocol-has-same-vulnerablities-as-ss7-standard/)
33
33
34
34
- Hacking 4G Phone
35
35
```
skipped 27 lines
63
63
64
64
source: [thalesgroup: 5G AND 4G: WHAT’S THE DIFFERENCE?](https://www.thalesgroup.com/en/worldwide-digital-identity-and-security/mobile/magazine/5g-and-4g-whats-difference)
65
65
66
+
- New Security Measure
67
+
```
68
+
The 5G SA network supports more security features to tackle potential security challenges in the future 5G
69
+
lifecycle. 5G NSA and 4G networks share the same security mechanisms and work in standard and practice
70
+
consistently to keep improving their security levels.
71
+
72
+
• Stronger air interface security: In addition to user data encryption on 2G, 3G, and 4G networks, 5G
73
+
standards provide user data integrity protection to prevent user data from being tampered with.
74
+
• Enhanced user privacy protection: In 2G, 3G, and 4G networks, users' permanent IDs (international mobile
75
+
subscriber identities — IMSIs), are transmitted in plain text over the air interface. Attackers can exploit this
76
+
vulnerability using IMSI catcher attacks to track users. In 5G networks, users' permanent IDs (in this case,
77
+
SUPIs) are transmitted in ciphertext to defend against such attacks.
78
+
• Better roaming security: Operators usually need to set up connections via third-party operators. Attackers
79
+
can forge legitimate core network nodes to initiate Signaling System 7 and other attacks by manipulating
security protection for inter-operator signaling at the transport and application strata. This prevents thirdparty operators' devices from tampering with sensitive data (e.g. key, user ID, and SMS) exchanged
82
+
between core networks.
83
+
• Enhanced cryptographic algorithms: 5G R15 standards currently define security mechanisms such as 256-
84
+
bit key transmission. Future 5G standards will support 256-bit cryptographic algorithms to ensure that such
85
+
algorithms used on 5G networks are sufficiently resistant to attacks by quantum computers. The 3GPP
86
+
has recommended that the ETSI Security Algorithms Group of Experts (SAGE) start to evaluate 256-bit
87
+
cryptographic algorithms.
88
+
```
89
+
90
+
- Security Research and Result
91
+
```
92
+
- Purdue University and the University of Iowa
93
+
94
+
The researchers, using their tool called the "5GReasoner", found that 5G is still subject to some of the same exploits as 4G, despite touting a more "robust security posture" than previous cellular network generations.
95
+
96
+
The 5GReasoner discovered 11 new surveillance and disruption threats to the network by conducting a series of attacks against 5G-connected phones from a radio base station.
97
+
98
+
In one of these attacks, researchers obtained old and new temporary network identifiers of a victim's phone, which allowed them to track its location through its paging occasion. They could also broadcast fake emergency alerts by hijacking the paging channel, which could lead to "artificial chaos." Both real-time location tracking and false emergency alerts are vulnerabilities shared by 4G and 5G networks.
99
+
100
+
Another attack discovered a means to create a prolonged denial-of-service condition, which could completely disconnect a target's phone from the network for an extended period of time. It could also downgrade the phone to a less secure connection, leaving it open for law enforcement and other hackers to launch surveillance attacks.
101
+
102
+
```
103
+
source: [ITPRO: 5G networks are vulnerable to hacking](https://www.itpro.co.uk/mobile-security/34807/5g-networks-are-vulnerable-to-hacking)
