Telecom security experts call on operators to put in place comprehensive cyber-security measures against GTP threats
LONDON, Aug. 11, 2023 /PRNewswire/ — Mobile operators need to reassess security vulnerabilities in the key GTP (GPRS Tunnelling Protocol) protocol and bolster GTP security within their networks as they continue to invest in and roll out 5G, according to a new study by SecurityGen, the global provider of security solutions and services for the telecom industry.
SecurityGen’s latest report, entitled ‘GTP vulnerabilities: A cause for concern in 5G and LTE networks’, is based on 150 telecom security assessments of 39 live mobile networks during 2022 and 2023. It found that nearly 77 per cent of networks had no cyber-security measures in place against GTP-based attacks. Only 23 per cent had a high level of cyber-security measures to keep successful GTP-based test attacks to a minimum.
“Despite its widespread use, the GTP mobile network protocol is not entirely secure and opens up opportunities for attackers to intercept sensitive user data, engage in fraudulent activities, or disrupt network services,” said Dmitry Kurbatov, co-founder and CTO of SecurityGen. “As we explored and examined GTP’s security vulnerabilities, it became apparent that the protocol requires in-depth consideration and robust mitigation strategies to block the potential threats – more so in the 5G set-up.”
The study is based on the results of over 150 telecom security assessments by SecurityGen during the last 12 months involving 39 mobile operators in 24 countries across the SEA, LATAM, and MEA regions. It highlights the most critical GTP-related threats to raise awareness among mobile operators and stakeholders of the hidden vulnerabilities within the protocol.
The SecurityGen assessments found that all of the tested networks exhibited some vulnerabilities in their management of the GTP protocol:
- In 71 per cent of networks assessed, GTP-based test attacks on subscriber information disclosure were successful. Which can be used to impact subscribers, perform other attacks, target other interfaces, radio interfaces and OS and network vulnerabilities.
- 62 per cent of networks assessed were vulnerable to fraudulent activity involving the GTP protocol.
- 85 per cent of networks were susceptible to targeted attacks on subscribers aimed at impeding or completely interrupting the functionality of data transmission services.
- 46 per cent were vulnerable to network equipment denial-of-service attacks. Using this vulnerability, an attacker can simultaneously hinder network (Internet) connection for individual subscribers and many users via network equipment denial.
- User traffic interception was successful in 69 per cent of the networks tested. By exploiting this vulnerability, an attacker can direct all incoming traffic to their equipment by altering the nodes that process the user traffic.
“Throughout our assessments, we were surprised that not a single network was protected with a GTP firewall. Even when mobile operators claimed to have a GTP firewall deployed, we could carry out test attacks successfully, as there was no functional GTP firewall in place,” commented Kurbatov. “This suggests that either the GTP firewall was not actively operational, or its filtering rules were not correctly configured or enabled.”
“Some mobile operators employ IP address filtering from non-roaming partners to incoming traffic as a counter-measure – however, our simulated test attacks were still able to bypass this technique. The deployment of a fully functional GTP firewall could significantly improve these statistics and provide more robust protection against potential threats. Adopting advanced GTP firewall solutions undoubtedly enhances the overall security of mobile networks and protects them against multiple GTP attack vectors.”
Kurbatov continued, “The interconnected nature of 3G, 4G, and now 5G mobile networks across different generations amplifies the risks posed by GTP security vulnerabilities. Our research highlighted a worrying lack of robust security measures across a significant proportion of the mobile networks we examined. Despite ongoing efforts by the GSMA and individual mobile operators since 2017, we found that comprehensive cyber-security measures are still not in place for the most part.”
“The increasingly vital role of mobile technology in nearly every aspect of how we live and work means that operators must regard effective cyber-security measures and policies that protect their networks and mobile users as a commercial and operational priority. This includes a comprehensive GTP protection strategy encompassing deployment of functional GTP firewalls, the application of GSMA-recommended protections, the integration of intrusion detection systems, and the regular monitoring of all network communication interfaces,” added Kurbatov.
“The findings of this study should serve as a wake-up call that spurs operators and the wider telecoms industry to take action necessary to secure our interconnected digital future.”
The SecurityGen White Paper, ‘GTP vulnerabilities: A cause for concern in 5G and LTE networks’, is available to download here.
Founded in 2022, SecurityGen is a global company focused on telecom security. We deliver a solid security foundation to drive secure telecom digital transformations and ensure safe and robust network operations. Our extensive product and service portfolio provides complete protection against existing and advanced telecom security threats.
Webb Unveils Tangle Network Testnet, Pioneering the Future of Private, Decentralized Applications
NEW YORK, Sept. 29, 2023 /PRNewswire/ — Today, Webb announced the launch of its much-anticipated Tangle Network Testnet, setting the stage for a new era of private and decentralized applications.
Led by founder Drew Stone, Webb is the premier cross-chain zero-knowledge messaging layer, committed to revolutionizing blockchain privacy. Backed by industry giants like Polychain, Lemniscap, and Commonwealth Labs, Webb introduces a suite of tools aimed at advancing zero-knowledge (ZK) and multi-party computation (MPC) applications across multiple blockchains.
The Challenge and Our Solution
Blockchain networks today face significant hurdles: limited interoperability, scaling difficulties, centralized control, and privacy concerns. Webb’s Tangle Network, built on the powerful Substrate framework, is designed to tackle these challenges by offering a next-generation blockchain platform.
Why Tangle Network?
Our vision is to make it easier for developers to create secure, private zero-knowledge (ZK) and multi-party computation (MPC)-based decentralized applications. Tangle Network simplifies:
- Proof Generation: Delegate computational tasks to our validators.
- Trusted Setups: Tangle Network manages complex ceremonies for you.
- Secure Signing: Utilize our threshold signing for cross-chain operations.
By removing these barriers, we massively improve the time to launch for ZK and MPC-based decentralized applications.
- Unparalleled speed, security, and scalability via Substrate.
- Decentralized control through Distributed Key Generation (DKG).
- Advanced protocols for zero-knowledge applications.
- Cross-chain compatibility with IBC and XCM.
- Easy migration of existing apps through Ethereum Virtual Machine (EVM) support.
- Smooth, forkless upgrades.
The Testnet launch kicks off with an in-depth whitepaper, followed by a series of engagement events during the testnet phase. Our mainnet is scheduled for a Q1/Q2 2024 launch, featuring hackathons, workshops, and a targeted grant program to accelerate the adoption of privacy-focused applications.
Testnet Quick Links
- Developers: Start building on Tangle today. Learn More
- Validators and Relayers: Help secure and maintain the network. Learn More
- Join the Community: Follow us on Twitter or join our Discord.
For media inquiries, partnerships, or more information, email us at [email protected]
ChainUp Celebrates 6th Anniversary, Charting Blockchain Innovations beyond Digital Assets
SINGAPORE, Sept. 29, 2023 /PRNewswire/ — ChainUp, a Singapore-based trailblazer and global leader in the blockchain industry, marked its sixth anniversary celebration with more than 500 business partners at Ce La Vi Singapore. During the celebration, ChainUp Founder and CEO, Sailor Zhong reflected on the journey, “Six years in the blockchain industry showcases our resilience, innovation, and forward-looking approach. As we look to the future, we are committed to shaping a digital asset environment that is reliable, transparent, and unparalleled. ChainUp aims to champion blockchain solutions beyond the applications of digital assets and bridge the gap between digital asset markets and traditional finance (TradFi) to increase effectiveness and market efficiency.”
The DEX Renaissance
As decentralized finance (DeFi) comes into prominence and focused on returning control to users, one of the sectors impacted by DeFi are the exchanges where cryptocurrencies are traded. Data from CoinMarketCap reveals that trading volumes on Decentralized exchanges (DEX) reached $1.2 trillion in 2022, indicating a 340% YoY growth. However, factors such as poor user experience impeded the rate of adoption of DEX. Recognizing this trend, ChainUp has updated its white-labeled DEX solution, incorporating advanced features, strengthening its security, improving its liquidity and aims to provide a decentralized trading experience that is on par with commonly-used centralized exchanges (CEX).
Bridging TradFi and Digital Assets Market
The traditional financial sector has been progressing very cautiously on digital assets. As more institutions lean into RWA tokenization, they unlock unparalleled liquidity in a borderless trading environment. Amidst this evolution, ChainUp’s RWA solutions emerge as an industry pioneer, offering robust tokenization protocols, seamless integration, and enhanced security, bridging the gap between TradFi and the digital future with unmatched finesse.
Minimizing Risk and Maximizing Security
ChainUp’s MPC Wallet revolutionizes crypto security by integrating MPC technology with advanced hardware isolation, ensuring utmost safety and encryption on data. The wallet offers dynamic key-refreshing mechanisms, chain-agnostic compatibility, and eliminates single-point vulnerabilities. With efficient multi-address management and 24/7 expert support, users enjoy full asset control, scalability, and cost-efficiency, all under one roof.
Compliance: The Guiding Principle
Navigating global regulations in the blockchain sector can be complex. ChainUp’s KYT subsidiary, Trustformer, offers peace of mind for enterprises tackling compliance-related challenges. ChainUp’s advanced solutions in Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) show their commitment to a more secure blockchain environment.
For detailed insights into ChainUp’s innovative solutions, please visit: https://www.chainup.com?channel=pr&type=article
Headquartered in Singapore, ChainUp is a global leading end-to-end blockchain technology solutions provider covering infrastructure development and ecosystem support. Built on the mission to empower businesses through blockchain technology, ChainUp’s innovative and all-around compliant solutions include digital asset exchange, KYT, NFT trading, wallet, liquidity, Web3.0 infrastructure, digital asset custody, security token offerings and more. Established in 2017, ChainUp has offices around the world, serving more than 1,000 clients in 30 countries, reaching over 60 million end-users.
CONTACT: Jacelynn Pang, [email protected]
BingX Collaborates with WunderTrading to Elevate Crypto Automated Trading
SINGAPORE, Sept. 27, 2023 /PRNewswire/ — BingX, a leading global cryptocurrency exchange, is thrilled to announce its integration with WunderTrading, a cutting-edge platform that allows users to trade and invest crypto seamlessly using automated trading bots. This strategic partnership is aimed at enhancing the automated trading experience for BingX users and introducing a new level of convenience and innovation.
WunderTrading is a cloud-based cryptocurrency trading platform that simplifies cryptocurrency trading experience for beginners. Users can easily copy strategies of renowned traders or create their own. The platform offers an advanced trading terminal and automated bots integrated with TradingView, allowing users to manage portfolios efficiently within a single app. WunderTrading stands out by consolidating trading tools, enhancing user experience, and introducing unique features like the Spread-trading Terminal.
The integration of BingX and WunderTrading offers BingX users a significant advantage. With access to TradingView integration and the innovative Spread-trading Terminal, users can automate their trading strategies and diversify their portfolios with minimal risk. The Spread-trading terminal enables BingX users to choose assets for constructing a spread and will execute buy and sell orders simultaneously for the selected pairs. This integration empowers BingX users to create and fine-tune crypto trading bots swiftly, providing a unique opportunity to optimize their trading while minimizing market volatility risks.
Megan Nyvold, Head of Branding at BingX, expressed her excitement about the collaboration, saying, “BingX is always striving to offer our users the most innovative and user-friendly tools to navigate the crypto market with efficiency and greater ease. Our partnership with WunderTrading is a significant step forward. With this integration, we empower our users to trade smarter, diversify their portfolios, and navigate the crypto market with newfound confidence. We’re excited to see our users leverage the power of automated trading through WunderTrading and make the most of this enhanced trading experience.”
As BingX and WunderTrading join forces, users can look forward to an enhanced trading journey filled with innovative tools and features designed to optimize their trading strategies.
BingX is a leading crypto exchange that offers spot, derivatives, copy, and grid trading services to over 100 countries and regions worldwide with over 5 million users. BingX continues to connect users with expert traders and the platform in a safe and innovative way. Please visit https://bingx.com to learn about BingX.
- Webb Unveils Tangle Network Testnet, Pioneering the Future of Private, Decentralized Applications
- ChainUp Celebrates 6th Anniversary, Charting Blockchain Innovations beyond Digital Assets
- BingX Collaborates with WunderTrading to Elevate Crypto Automated Trading
- OKX Proof of Reserves Ranked Highest Quality Among Major Exchanges as 11th Consecutive Monthly Reserves Report is Published
- ACX’s technology to power Indonesia Carbon Exchange
- Bitget’s Smart Portfolio Bot Enables Sophisticated Crypto Trading For Users
- Nex News Network Launches World’s First Blockchain-Integrated Web3 and Metaverse News Platform
- Bitget Wallet Quick Buy Expands Fiat Support to Include EUR/RUB/JPY Currencies
- CoinScan Emerges from Stealth with $6.3 Million in Funding
- Vestinda Bridges Web3 and Traditional Finance with Support for 100,000 Asset Pairs
- aelf Sets Up Global Hub in Singapore to Support Web3 Developer Ecosystem Growth
- OKX PARTNERS WITH SOLANA MOBILE TO BE AMONG THE FIRST EXCHANGE APP ON SAGA WEB3 SMARTPHONE
- nChain appoints Peter Coulson as its new group COO
- MAX Exchange and Bitget announce strategic partnership, marking MAX Token’s debut on an international exchange
- BingX Sponsored Hackathons in APAC for Web3 Talent Development
- Global Payout, Inc.
Since the Company’s inception in 2009, Global Payout, Inc. has been a leading provider of compreh...
- MTrac Tech Corp.
MTrac Tech Corporation, a Nevada Corporation, is a privately held, wholly owned subsidiary of Glo...
Net1 is a leading provider of transaction processing services, financial inclusion products ...
- uBUCK Technologies SEZC
Based in Georgetown, Cayman Islands, uBUCK Tech is a fintech enterprise that specializes in digit...
- LiteLink Technologies Inc.
LiteLink is a major player in developing world-class enterprise platforms that utilize ar...
- Good Gamer Corp.
Good Gamer Corp. is a privately-held technology company focusing on gamers and streamers....
Founded in 2011, BitPay pioneered blockchain payment processing with the mission of trans...
- About Net1
Net1 is a leading provider of transaction processing services, financial inclusion produc...
- Blockchain Foundry Inc.
Headquartered in Toronto, Canada, Blockchain Foundry (CSE:BCFN)(FWB:8BF)(OTC:BLFDF) is a global b...
Sixgill provides a full suite of universal data automation and authenticity products and services...
Trending on TBE
Blockchain Press Releases2 weeks ago
MAX Exchange and Bitget announce strategic partnership, marking MAX Token’s debut on an international exchange
Blockchain Press Releases2 weeks ago
OKX PARTNERS WITH SOLANA MOBILE TO BE AMONG THE FIRST EXCHANGE APP ON SAGA WEB3 SMARTPHONE
Blockchain1 week ago
Nex News Network Launches World’s First Blockchain-Integrated Web3 and Metaverse News Platform
Blockchain Press Releases1 week ago
Bitget Wallet Quick Buy Expands Fiat Support to Include EUR/RUB/JPY Currencies
Blockchain2 weeks ago
nChain appoints Peter Coulson as its new group COO
Blockchain5 days ago
OKX Proof of Reserves Ranked Highest Quality Among Major Exchanges as 11th Consecutive Monthly Reserves Report is Published
Blockchain5 days ago
ACX’s technology to power Indonesia Carbon Exchange
Blockchain Press Releases2 weeks ago
aelf Sets Up Global Hub in Singapore to Support Web3 Developer Ecosystem Growth