#Lords mobile hack 2017 driver
Open RAN, such as it plays a role, does so because it is one further driver of cloud function adoption, and of automated processes. However, with telcos increasingly adopting containerised functions deployed on Kubernetes and automating processes via APIs, the attack surface arising from cloud adoption is increasing and needs to be addressed, Nohl said.
Instead, Nohl focussed much more on the generic vulnerabilities that the increased use of cloud software and automated processes can entail in any environment and, as such, the vulnerabilities found would apply to other private cloud instances, he added. There is nothing specific about the Open RAN architecture, protocols or interfaces that his researchers have called out. Karsten Nohl of Security Research Labs, speaking to the May Contain Hackers conference, said that his team of researchers had found ways to move from an initial penetration of a cloud instance, gaining enough credentials to spy on user communications, extract user data, gain system admin status and ultimately to take down a network.Īlthough Nohl’s speech was headlined as exposing Open RAN vulnerabilities, it was in fact by Nohl’s own admission not really about telecoms protocols, still less about Open RAN itself. A security researcher who has previously exposed GSM and SS7 security issues has warned that telco adoption of cloud based operations for IT and network functions leaves them open to a host of new security vulnerabities.
0 kommentar(er)
