View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Networks
June 2, 2014

GPRS roaming networks vulnerable to unauthorised access

Security scans find that 5,500 GRX hosts are accessible from the internet.

By CBR Staff Writer

Security scans done over months have revealed that the GPRS Roaming Exchange (GRX) network is vulnerable to being accessed by unscrupulous elements.

The GRX networks, which carry roaming traffic among mobile operators worldwide, are isolated and inaccessible from the internet. There are only about 25 such networks in existence, which are supposed to be available to a select group of established telecommunication operators.

But security scans found that 5,500 of the 42,000 live GRX hosts are accessible from the Internet. In several cases they were found to be using outdated software with known critical remote code execution vulnerabilities such as old versions of BIND, Exim, Sendmail, OpenBSD ftpd, ProFTPD, VxWorks ftpd, Apache, Microsoft IIS, Oracle HTTP Server, Samba and others.

The scans on GRX were undertaken by Stephen Kho and Rob Kuiters, a penetration tester and an incident response handler working with Dutch telecom company KPN.

The duo made the revelations at the Hack in the Box (HITB) security conference in Amsterdam.

In a statement on the HITB website, Kho and Kuiters said that they were inspired to do the scans after Edward Snowden’s revelations last year that the UK Government Communications Headquarters (GCHQ) hacked into the GRX network of Belgian telecom operator Belgacom International Carrier Services.

The GCHQ was alleged to have used the GRX routers to snoop on mobile users.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

The scans show that services such GTP (GPRS Tunneling Protocol) and DNS (Domain Name System), SMTP (Simple Mail Transfer Protocol), FTP (File Transfer Protocol), HTTP (Hypertext Transfer Protocol), Telnet, SMB (Server Message Block) and SNMP (Simple Network Management Protocol) seem to have been exposed, reported PC World.

According to Kho and Kuiters, accessing the GRX networks was easy as it could be done by using easily available tools like Metasploit.

Photo courtesy of Xedos4/

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.