4G Security Flaws Discovery
March 2018 by Keith Graham, CTO at SecureAuth
Following the discovery of a string of security vulnerabilities affecting 4G networks globally, I wanted to offer insight from Keith Graham, CTO at SecureAuth. The flaws will render most two-factor authentication (2FA) techniques null and void, posing real issues for businesses and consumers that use them to verify their identities.
Keith Graham, CTO at SecureAuth:
The latest flaws discovered on 4G networks pose serious ramifications for two-factor authentication security models. These flaws would allow attackers to target individuals and intercept or send messages on their behalf, spoof locations, and even disconnect mobile devices entirely from the mobile network – all elements that are used to verify users are who they say they are.
As cybersecurity becomes more important to organisations and consumers, we’re seeing greater adoption of two-factor authentication. But the reality is, in light of these findings, they really won’t be that much more secure. Two-factor alone is just not enough. The only way to prevent these exploits affecting you is to avoid all basic authentication methods; this includes one-time-passcodes delivered by SMS, e-mail or voice. And leverage modern adaptive access control capabilities to better secure the login process.
Keith is also available for interviews to discuss the implications of these vulnerabilities and what businesses can do to protect themselves, as well as what key elements you should look for in authentication, including:
• Avoid all basic authentication methods, including one-time-passcodes delivered by SMS, e-mail, and voice.
• Leverage modern adaptive access control capabilities to better secure the login process. Such methods of risk analysis should include:
    o The ability to detect whether the user's phone number has been subjected to 'SIM swap' fraud/account takeover, or is being subjected to phone number fraud.
    o The ability to detect and block authentication requests from non-standard geographic locations.
    o The ability to analyze and detect improbable authentication requests that may violate geo-velocity.
    o The ability to detect the device the user is attempting to log in from, and verify that it's a trusted device for that user.
    o The ability to detect whether the login is originating from an anonymity network and could be an attacker masking their location and their IP address.
    o The ability to detect whether the login is originating from a known malicious server and could be an attacker associated with using anomalous Internet infrastructure.