LTE brings new security concerns for telcos
As long-term evolution (LTE) networks, such as Telstra's new 4G network, bring about super fast mobile broadband to consumers across the globe, they could also potentially open up smartphones, tablets and other devices to hacks that previously only concerned PC users, according to network vendor Alcatel-Lucent.
Unlike existing networks, which are partially IP-based, LTE networks are all-IP networks.
"Migration to LTE will ... open up a huge can of worms for operators. Put simply, when devices are connected to IP networks, with their own IP addresses, they become vulnerable to attack in much the same way as personal computers: devices can be hacked, spoofed or infected with viruses," Alcatel-Lucent's senior product manager, Ashwin Rana said in a blog earlier this month.
"They can be used by hackers to launch denial of service (DoS) or distributed denial of service (DDoS) attacks, just like PCs. What's more, it's not just the devices that can be compromised — entire LTE network elements are at risk."
Rana said that while there are some security measures around for LTE networks, they were inconsistent, with some methods proposed favouring only protecting signalling data and not the user data on the LTE network.
"While standards have been defined for next-generation mobile networks, there are still some grey areas in terms of security: while the need for network security is explained, the specifics are unclear — no standard solution is proposed," Rana said.
Rana said that a software- or hardware-based Session Border Control (SBC) would be the best form of protection for LTE networks, as it authenticates and protects both signalling data and user data.
"When selected, SBCs are the first line of defence in protecting network assets and end-user information. Session Border Controllers examine and protect both the signalling and media [content] elements of mobile network traffic to determine whether the activity generated by a device is legitimate or potentially harmful."
Kursten Leins, Australia and New Zealand general manager of marketing for Ericsson, the company that Telstra brought on-board to roll out its LTE network, said, however, that telcos would be well prepared for security measures on LTE networks, as many of their back-end network management systems are already running IP.
"There's a tendency to assume that because it's all-IP that it is open and vulnerable, but the same architectural principles apply," Leins told ZDNet Australia.
"From a management perspective, you have standard ICT principles that apply as to how you let access to those nodes [such as network cells], because you don't want people mucking around in your core network or accessing your radio base stations," he said.
Leins said that, ultimately, security for LTE would be better than that offered by previous mobile technologies, such as GSM, and would be the same as WCDMA networks of today.
"There's additional authentication mechanisms ... and physical SIMs. The mechanisms that are in place today are not at any more risk than you've have with wide-band CDMA networks in the past. With wide band, you are taking IP traffic from a smartphone using data services from that end point back into the network."
Leins believed that it would be unlikely that hackers would be able to get into a base station's systems, and, if they did, it would be more likely through the management systems, which are already IP-based today, as opposed to hacking over the air.
"[LTE] might be all-IP, but the sorts of problems that you could address exist within current networks, anyway," he added.