New SecurityGen study highlights hidden threat to 5G mobile networks from GTP-based cyber-attacks

SecurityGen has presented its latest research findings on GTP vulnerabilities in the paper - GTP vulnerabilities: A cause for concern in 5G and LTE networks. This research highlights how GTP is still vulnerable. And as GTP will continue to play a role in 5G networks given the interplay and integration of technologies, MNOS must become more aware about these threats and ensure proactive security measures for GTP protocol.
SecurityGen unveils 5G Cyber-security Lab
Telecom security experts call on operators to put in place comprehensive cyber-security measures against GTP threats.

London, UK – 10 August 2023 –ย Mobile operators need to reassess security vulnerabilities in the key GTP (GPRS Tunnelling Protocol) protocol and bolster GTP security within their networks as they continue to invest in and roll out 5G, according to a new study byย SecurityGen, the global provider of security solutions and services for the telecom industry.


SecurityGenโ€™s latest report titled –ย GTP vulnerabilities: A cause for concern in 5G and LTE networks. Based on 150 telecom security assessments of 39 live mobile networks during 2022 and 2023, found that nearly 77 percent of networks had no cyber-security measures in place against GTP-based attacks. Only 23 percent had a high level of cyber-security measures to keep successful GTP-based test attacks to a minimum.

โ€œDespite its widespread use, the GTP mobile network protocol is not entirely secure and opens up opportunities for attackers to intercept sensitive user data, engage in fraudulent activities, or disrupt network services,โ€ said Dmitry Kurbatov, co-founder and CTO of SecurityGen. โ€œAs we explored and examined GTPโ€™s security vulnerabilities, it became apparent that the protocol requires in-depth consideration and robust mitigation strategies to block the potential threats more so in the 5G set-up.โ€

The study is based on the results of over 150 telecom security assessments by SecurityGen during the last 12 months involving 39 mobile operators in 24 countries across the SEA, LATAM, and MEA regions. It highlights the most critical GTP-related threats to raise awareness among mobile operators and stakeholders of the hidden vulnerabilities within the protocol.

The SecurityGen assessments found that all of the tested networks exhibited some vulnerabilities in their management of the GTP protocol:

    • In 71 percent of networks assessed, GTP-based test attacks on subscriber information disclosure were successful, Which can be used to impact subscribers, perform other attacks, target other interfaces, radio interfaces, and OS and network vulnerabilities.
    • 62 percent of networks assessed were vulnerable to fraudulent activityย involving the GTP protocol.
    • 85 percent of networks were susceptible to targeted attacks on subscribersย aimed at impeding or completely interrupting the functionality of data transmission services.
    • 46 percent were vulnerable to network equipment denial-of-service attacks.ย Using this vulnerability, an attacker can simultaneously hinder network (Internet) connection for individual subscribers and many users via network equipment denial.
    • User traffic interception was successful in 69 percentย of the networks tested. By exploiting this vulnerability, an attacker can direct all incoming traffic to their equipment by altering the nodes that process the user traffic.

โ€œThroughout our assessments, we were surprised that not a single network was protected with a GTP firewall. Even when mobile operators claimed to have a GTP firewall deployed, we could carry test attacks successfully, as there was no functional GTP firewall in place,โ€ commented Kurbatov. โ€œThis suggests that either the GTP firewall was not actively operational, or its filtering rules were not correctly configured or enabled.โ€

โ€œSome mobile operators employ IP address filtering from non-roaming partners to incoming traffic as a counter-measure โ€“ however, our simulated test attacks were still able to bypass this technique. The deployment of a fully functional GTP firewall could significantly improve these statistics and provide more robust protection against potential threats. Adopting advanced GTP firewall solutions undoubtedly enhances the overall security of mobile networks and protects them against multiple GTP attack vectors.โ€

Kurbatov continued, โ€œThe interconnected nature of 3G, 4G, and now 5G mobile networks across different generations amplify the risks posed by GTP security vulnerabilities. Our research highlighted a worrying lack of robust security measures across a significant proportion of the mobile networks we examined. Despite ongoing efforts by the GSMA and individual mobile operators since 2017, we found that comprehensive cyber-security measures are still not in place for the most part.

โ€œThe increasingly vital role of mobile technology in nearly every aspect of how we live and work means that operators must regard effective cyber-security measures and policies that protect their networks and mobile users as a commercial and operational priority. This includes a comprehensive GTP protection strategy encompassing deployment of functional GTP firewalls, the application of GSMA-recommended protections, the integration of intrusion detection systems, and the regular monitoring of all network communication interfaces,โ€ added Kurbatov.

โ€œThe findings of this study should serve as a wake-up call that spurs operators and the wider telecoms industry to take action necessary to secure our interconnected digital future.โ€

The SecurityGen White Paper, the title – GTP vulnerabilities: A cause for concern in 5G and LTE networks

About SecurityGen
Founded in 2022, SecurityGen is a global company focused on telecom security. We deliver a solid security foundation to drive secure telecom digital transformations and ensure safe and robust network operations. Our extensive product and service portfolio provides complete protection against existing and advanced telecom security threats.

www.secgen.com


Recent Content

Indoor 5G enables high-speed, low-latency connectivity in enclosed environments like offices, hospitals, and airports, supporting mission-critical applications and smart building operations. The market is driven by technological advancements in small cells, distributed antenna systems, and a mix of mmWave and Sub-6 GHz bands. Asia-Pacific leads in adoption due to smart city initiatives and government support. Picocells and antennas are key components, with growing demand in emerging economies fueled by subsidies and infrastructure upgrades. Recent developments include partnerships and acquisitions aimed at strengthening indoor 5G capabilities.
Twelve major European telecom providers, including Vodafone and Deutsche Telekom, have jointly urged the EU to allocate the full upper 6GHz band (6.425โ€“7.125 GHz) for mobile use, citing the spectrumโ€™s critical role in future 6G deployment. With the U.S. and China already advancing in this area, operators warn that delays could jeopardize Europeโ€™s digital leadership and hinder next-generation connectivity infrastructure.
Dirty data in data centers undermines everything from AI accuracy to energy efficiency. With poor metadata, data drift, and dark data hoarding driving up costs and emissions, organizations must adopt DataOps, metadata tools, and a strong data culture to reverse the trend. Learn how clean data fuels smarter automation, compliance, and sustainability.
The telecom industry in 2025 is undergoing a major transformation, driven by artificial intelligence (AI), cloud growth, next-gen cellular networks, and national data sovereignty. AI is reshaping cellular infrastructure, enhancing spectrum efficiency through innovations like ELAA (Extremely Large Aperture Arrays), and enabling smarter, adaptive networks.
Vodafone is expanding its role in the UK smart metering upgrade by providing fixed-line connectivity between energy suppliers and the Data Service Platform (DSP). This move complements its existing mobile network role and positions Vodafone as a critical telecom partner in the UK’s digital energy transition, helping to advance national net-zero and smart grid goals.
Financial institutions are adopting artificial intelligence (AI) to navigate complex regulations, transforming compliance into a competitive advantage. AI’s ability to process vast amounts of data quickly is proving transformative in meeting these challenges, automating tasks and improving efficiency. This shift allows compliance professionals to focus on strategic initiatives while ensuring regulatory compliance.
Whitepaper
Telecom networks are facing unprecedented complexity with 5G, IoT, and cloud services. Traditional service assurance methods are becoming obsolete, making AI-driven, real-time analytics essential for competitive advantage. This independent industry whitepaper explores how DPUs, GPUs, and Generative AI (GenAI) are enabling predictive automation, reducing operational costs, and improving service quality....
Whitepaper
Explore the collaboration between Purdue Research Foundation, Purdue University, Ericsson, and Saab at the Aviation Innovation Hub. Discover how private 5G networks, real-time analytics, and sustainable innovations are shaping the "Airport of the Future" for a smarter, safer, and greener aviation industry....
Article & Insights
This article explores the deployment of 5G NR Transparent Non-Terrestrial Networks (NTNs), detailing the architecture's advantages and challenges. It highlights how this "bent-pipe" NTN approach integrates ground-based gNodeB components with NGSO satellite constellations to expand global connectivity. Key challenges like moving beam management, interference mitigation, and latency are discussed, underscoring...

Download Magazine

With Subscription

Subscribe To Our Newsletter

Scroll to Top