5G Puppeteer: Chaining Hidden Command and Control Channels in 5G Core Networks
This addresses critical security vulnerabilities in 5G networks, which are essential infrastructure, but the work is incremental as it builds on known issues like supply chain compromises.
The paper tackled the problem of compromised 5G core network components by designing undetectable command and control attacks, enabling various security and privacy breaches against subscribers with no effective countermeasures available.
Mobile networks are essential for modern societies. The most recent generation of mobile networks will be even more ubiquitous than previous ones. Therefore, the security of these networks as part of the critical infrastructure with essential communication services is of the uttermost importance. However, these systems are still vulnerable to being compromised, as showcased in the recent discussion on supply chain security and other challenges. This work addresses problems arising from compromised 5G core network components. The investigations reveal how attacks based on command and control communication can be designed so that they cannot be detected or prevented. This way, various attacks against the security and privacy of subscribers can be performed for which no effective countermeasures are available.