Between 2011 and 2014, a technological revolution occurred that disrupted telecommunications: sofware-defned radio (SDR). These devices democratized access to the radio interface, which previously required a signifcant budget to access such tools.
This milestone was seen as a catalyst that would enable new tools for studying communications that were previously unimaginable. This paved the way to study and exploit security vulnerabilities in telecommunications networks, becoming part of a unique arsenal of hacking tools worldwide.
From this commitment to the technological change of SDR, along with prior experience in managed services within telecommunications operators and hacking information technologies, the idea of ETHON SHIELD was born. Company dedicated to exploring the security of telecommunications networks using SDR; including drones, connected cars, 5G networks and a large number of sectors expected to embrace new communication technologies.
Ethon Shield strongly bets on development and imagination, the pillars we consider necessary to make our way with our own footprint.
Our core values are creativity, ingenuity, and independence.
Ethon Shield is totally specialized in the telecom sector, with extensive knowledge and skills associated to the sectors infrastructure. Our focus are audits that focus on protecting the business, products and communication services.
Backed by more than 40 years of accumulated experience in the telecom field, Ethon Shield has executed risk assessments services in large operators from Spain, Italy, UK, Norway or Sweden. Our audits also include assessment of commercial mobile, fixed, Wifi, TETRA, RF or IoT networks and services.
Our independence and neutrality from manufactures and mobile network operators ensure an objective report free from third-party influences. By maintaining this neutrality, we foster trust and transparency in our auditing process, empowering our clients to make informed decisions that enhance their security posture and operational effectiveness. Our assessments are designed solely to protect our clients’ networks.
Ethon Shield is a company that believes in constant research, development and innovation, generating a unique methodology used in telco security audits.
During the last few years, Ethon Shield has focused on 5G research, which has led to multiple publications that include thorough investigation in the 5G SIM cards, RAN networks and CORE networks.
01/
This paper unveils a vulnerability inherent in the 5G authentication and key agreement procedure that enables the correlation of the IMSI of a victim with the encrypted identity SUCI, labeled as the SUCI-Cracker attack. Through investigation and real-world analysis conducted across commercial 5G SA networks in Europe, the researchers demonstrate the feasibility of correlating IMSI values with encrypted SUCI identities using open-source software and SDR devices.
02/
This paper introduces multiple attacks on 5G networks and their practical implementation using open-source software.
03/
This paper has focused on one of the most renowned attacks on mobile technologies: the IMSI Catcher. The purpose of this attack is to steal the subscriber's identity in order to determine its location, in addition to being able to perpetrate numerous other attacks based on obtaining this number. Pre-5G technologies were vulnerable to these attacks because they sent the customer's identity in plane text, so with knowledge of the various network access procedures, it was possible to attack these vulnerabilities. This attack will be tested in the two main deployments that the fifth generation has, both 5G-NSA and 5G-SA.
2022 EKOParty, Buenos Aires
RF Village - Defcon 30 2022, Las Vegas
2019 DefCON, Las Vegas
RSA 2018, San Francisco
RootedCON 2018, Madrid
CyberSpectrum 2017, Las Vegas
