6 Threats Facing Mobile Operator Networks

Caitrona Grant of Enea AdaptiveMobile Security examines the top six mobile network risks in this article. What MNOs can do to prevent them:

Threats facing mobile operator networks:

  1. Voice fraud
  2. SMS misuse and attacks
  3. Signaling security risks (SS7)
  4. 5G legacy and its vulnerabilities
  5. Network slicing security flaws
  6. 5G IoT security vulnerabilities

According to the Global System for Mobile Communications Association (GSMA), mobile internet use has reached 55% of the world’s population, and by the end of 2021, 4.3 billion people will be utilizing mobile internet.

Mobile internet users throughout the world are becoming increasingly reliant on their phones for a variety of commercial and personal activities. Regrettably, this zone includes mobile network dangers.

Criminals that try to disrupt communication systems or change, destroy, or steal data have been drawn to mobile usage.

To get access to networks, these fraudsters typically attack device or network weaknesses. Customers and regulatory agencies expect their mobile providers to provide high-quality service (QoS), including stable and secure network connectivity.

It is becoming increasingly difficult for mobile network providers to provide the best protection to consumers in this fast-paced market.

This article discusses some of the most frequent mobile network dangers, as well as what chief security officers and their teams may do to avoid them.


1. Voice Threats

With the overall number of speech-over-5G users expected to reach 2.5 billion by 2026, voice fraud is expected to climb as well. Vishing (voice phishing), number spoofing, Wangiri fraud, and SIM Box fraud are examples of fraud attacks.

The presence of the iSpoof website is an indication of how voice fraud has evolved. Prior to its demise in November 2022, the harmful website sold bad actors the tools they needed to perpetrate voice fraud.

The iSpoof platform marketed ‘products’ such as pre-built vishing scripts – phishing attacks-as-a-service – and the ability to modify Calling Line Identity (CLI), allowing attackers to impersonate numbers. The ease with which these ready-made tools are available to attackers demonstrates how pervasive voice fraud has become.

Operators’ earnings are also threatened by the use of flash calls for authentication services. Because flash calls have no call charges and can often substitute methods such as A2P SMS authentication, operators’ income may suffer.

With these improvements in phone fraud, operators should consider investing in a voice firewall to handle the rising difficulty of protecting subscribers. To secure income and retain brand reputation, operators must take proactive actions to combat voice fraud assaults in the future.


2. SMS Misuse and Attacks

There are several SMS attacks and other sorts of network exploitation. Numerous abuses will persist since the protocols and interfaces that enable SMS in 5G remain unchanged. Some of the 5G SMS misuses that mobile networks must cope with are as follows:

  • Unsolicited SMS messaging
  • SMS phishing (or smishing)
  • Premium SMS fraud
  • Mobile Malware Propogation via SMS
  • Surveillance and information retrieval via SMS
  • Denial of Service
  • SMS interception
  • Grey routes
  • New 5G attack vectors 

Because SMS messages cross numerous protocols and generations, as outlined in the white paper Messaging for the Future: Safeguarding SMS in 5G, a holistic security solution must begin by mapping out potential entry points and security zones for individual networks.

The vulnerabilities of these entry points should next be validated to discover if and how they might be exploited. This allows operators to test methods for identifying attackers, filtering out malicious data, and preventing signaling attacks.


3. Signaling Security Risks

Signaling networks that use protocols like SS7, Diameter, and GTP-C are under attack from attackers and fraudsters who exploit protocol flaws throughout the global interconnect.

As a result, attackers can violate user privacy, limit access to critical services, and cheat mobile providers. Enea has discovered evidence of state-sponsored attacks on mobile networks from the beginning of the Ukrainian conflict.

To maintain trust in their networks, mobile operators must rapidly create an effective signaling firewall and deploy threat intelligence. If actions to safeguard signaling infrastructure are not done, attackers will find vulnerabilities to exploit, putting operators’ brand reputation, customers, partners, and revenues at risk.

To secure their networks, MNOs must choose the correct signaling firewall vendor. Operators should strive for a signaling firewall that is carrier-grade, enhanced reporting, and global threat intelligence.

The solution must go well beyond simply preventing current network threats. It should be able to respond to developing attacks that attempt to circumvent standard SS7, Diameter, and GTP-C firewalls.


4. 5G Network Legacy and New Vulnerabilities

According to the GSMA, approximately 200 operators have implemented 5G networks in more than 70 countries, covering nearly one-third of the world’s population. It is anticipated that there will be 2 billion 5G connections worldwide by 2025. Because networks have become increasingly virtualized, disaggregated, and cloudified, making them more vulnerable to breaches, 5G network security is more complicated than prior mobile technologies.


5G architecture contains severe flaws that, if not solved, might be exploited by cybercriminals.

The underlying weakness allows for three key attack scenarios: user data extraction (e.g., location tracking), denial of service against another network function, and access to another vertical partner’s network function and related services via network slicing.

When it comes to safeguarding 5G networks, trust should not be at the forefront of your security approach. Operators must be able to continuously and proactively monitor activity, detect and block threats, and, most importantly, respond quickly to any intrusion.


5. Network Slicing Security Flaws

Network slicing entails virtualizing the RAN and core to produce network “slices” that can be adapted to specific use cases. According to our findings, 5G network slicing involves significant security issues that could enable attacks such as Denial of Service (DoS), location monitoring, and fraud / data leakage.

Particularly, as we see more 5G use cases with enterprise partners, DoS attacks may become more devastating. Several mobile network operators now have government clients, and assaults might target important national infrastructure such as energy, health, transportation, public services, and manufacturing.

We advocate employing an upgraded filtering and validation technique that combines information from different layers and protocols and integrates external threat information to prevent potential DoS attacks within 5G network slicing.

This approach to filtering and validation separates the network into security zones and protects the 5G core network. Cross-correlation of attack information amongst various security network services maximizes 5G network protection against sophisticated attackers, allowing for improved mitigation and faster detection while reducing false alarms.

Waiting for standardization to increase security may not always be a timely answer, as evidenced by the schedule of the 3GPP Release 17 Code freeze in 2022.


6. IoT Security in 5G

Due of the Internet of Things (IoT), a growing number of devices will connect to 5G networks, including high-value vital equipment such as automobiles. This means that security solutions designed for mobile phones are no longer appropriate.

To deal with the IoT security risks and other risks that may arise for 5G networks; we make three recommendations:

  • The first recommendation is that mobile operators correlate and pool all the security information they have from the old mobile networks and the new 5G mobile network. This will give mobile operators a complete picture and improve security on all levels.
  • The second recommendation is that mobile operators focus on intelligence and analyze what is happening on their new networks to understand the nature of attacks, build defenses to stop them, and give users confidence that future attacks will be blocked
  • The final recommendation is that mobile operators adopt a security mindset with the 5G network as this network will not only be a piece of national critical infrastructure but also connect other critical infrastructure like transport, water, and electricity.

To protect this infrastructure, it will not be sufficient for mobile operators to implement specifications. They will need to maintain, monitor, and update these systems to block network attacks. This may require a change in the network mindset for many operators.  


This is not an all-inclusive list of the hazards that MNOs face. Additional dangers include open-source software development vulnerabilities, supply chain vulnerabilities, third-party cloud services, and just being exposed to human mistake.

As 5G networks are completely deployed in all aspects of our economies, we expect risks will rise at several levels, from vertical industry to widespread IoT use and core network-related 5G security vulnerabilities.

Mobile networks are now considered vital infrastructure, with implications for every economic sector. As a result, regulators are progressively requiring mobile networks to be more proactive in the face of threats.

MNOs must be able to predict network threats in order to provide a safe and secure connectivity environment for their consumers, enterprise, and government customers. Competing on price and speed is a losing approach because MNOs must continue to invest in infrastructure, new technologies, and better customer service.

As a result, security is becoming a key component of MNO strategy and differentiation from competitors.

Chief security officers, directors of engineering, and their teams may ensure the network is always safe and decrease the possibility for economic losses and reputation harm by adopting the necessary defenses and staying up to speed with the global threat landscape through a threat intelligence system.

As a result, net promoter scores will rise, and MNOs will have a powerful marketing tool at their disposal.

Talk with an Enea AdaptiveMobile Security specialist to find out how we can help you improve network security.

About the writer

Caitríona Grant is a recent graduate of the National University of Ireland, Galway, where she completed a bachelor’s degree in global commerce. As part of her degree, Caitriona studied abroad in Canada and worked as a marketing intern back in Ireland. Over the course of her studies, she developed a passion for both marketing and cybersecurity, specialising in marketing in her final year. Caitriona is now working as a marketing assistant at AdaptiveMobile Security, a role that marries both of her passions.

Written by PH

Leave a Reply

Your email address will not be published. Required fields are marked *

Alerzo Sacks 15% of Staff in Second Round of Layoffs

5 Reasons Why Qalbox Is Essential for Muslims This Ramadan