Year: 2024

It has been in the news for quite a few years that Australia is planning on shuttering the 3G network, and it is finally happening in phases. Vodafone was the first to do it, by closing down its 3G operations between December 2023 and January 2024. Telstra and Optus will follow suit in 2024, in the month of June and September, respectively.

How does the 3G sunset affect Australians?

The 3G sunset has brought on a wave of panic that nearly three quarters of a million Australians might be cut off from emergency services with the handsets they presently use. It means they won’t be able to dial the emergency Triple Zero number (Australia’s main emergency service) when Telstra and Optus close their 3G networks. To combat that issue, The Australian Federal Government has created a Working Group to ensure the transition from 3G to 4G is seamless as possible.

The new group was established a couple of days after Australian Communications Minister Michelle Rowland spoke about the problem, and asked the three major mobile operators – Telstra, Optus and TPG ( formerly Vodafone Hutchison Australia), along with the Australian Mobile Telecommunications Association (AMTA), to join the working group. It is being supervised by the Department of Infrastructure, Transport, Regional Development, Communications and the Arts.

What will be the focus of the Working Group?

The announcement of the 3G network switchover was first made in 2019, in order to provide a more efficient use of spectrum by mobile network operators, to improve data speeds and capacity.

A common problem detected is that many customers are using old 4G handsets, and believe their device will automatically function using 4G, once the 3G network is permanently shuttered. The handsets could continue to operate normally for voice and data, which is why many are unaware of the impending concern.

The Working Group will target a subset of 4G handsets configured by the manufacturer to use 3G for calling Triple Zero, despite otherwise working over 4G to make voice calls. It is indeed very troubling because users won’t know that their handset can’t call Triple Zero after the switchover. It can only be discovered during an emergency when they try to dial.

What efforts are being undertaken?

The Working Group is collaborating with industry experts and stakeholders to identify impacted customers, improve accessibility of public-facing information and contact points, and amplify messages to ensure the community is aware of the switchover.

Telcos are reaching out individually to advise customers with older 4G phones, devices purchased overseas and now being used in Australia, or those bought via the “grey market”,

about their handsets not being properly configured to make emergency calls post the 3G shutdown. The three mobile operators have been asked to submit action plans at the earliest, and instructed to update on a fortnightly basis.

Older 4G handsets don’t support VoLTE emergency calls. They have VoLTE capability that enables voice calls and Internet access, but these devices revert to 3G for emergency calls. Australians have been continuously urged to upgrade affected devices or get new ones to ensure they have connection to faster 4G and 5G mobile services.

If warranted in the public interest, options exist under law for the Government to consider regulatory intervention – including proposals for delays to planned switchovers, subject to required consultation and procedural processes. However, consumers have been strongly discouraged to avoid placing test calls to Triple Zero. This is because impacted gadgets will still work over current 3G services until the 3G switchovers occur later in 2024. Moreover, it could disrupt the networks and prevent others from accessing live-saving support.

What triggered the threat?

Telstra’s power outage

The inability to contact emergency services was highlighted when a person from Melbourne, Victoria, died due to cardiac arrest during a Triple Zero outage that affected the Telstra network. Telstra is the national emergency call provider which directs calls to emergency service organizations around the country.

The deceased’s family tried to call for help, but the call couldn’t be forwarded right away to paramedics. The outage lasted for more than an hour, during which Telstra operators could answer calls but failed to redirect them to all Triple Zero call centers. The outage lasted for 90 minutes, and among the almost 500 calls to Triple Zero during that window, Telstra was unable to transfer 148.

The service was intermittently malfunctioning between 3.30am and 5am, which meant that some operators had to resort to email referrals. Triple Zero Victoria operators couldn’t receive those until well after 7 am. By the time the paramedic crew responded to the Melbourne patient experiencing cardiac arrest, it was too late, and the resuscitation efforts were unsuccessful.

Optus’ breach of public safety rules

Optus had to pay a hefty fine of $1.5 million Australian dollars (US$980,316), when it was found guilty of large-scale breaches of public safety rules around its Triple Zero system, putting many consumers at risk.

The ACMA conducted a thorough investigation, and discovered that the operator hadn’t uploaded required information of almost 200,000 mobile customers to the Integrated Public Number Database (IPND) between January 2021 and September 2023. The INPD is utilized by services like the Emergency Alert service to warn Australians of disasters such as floods and bushfires, and by Triple Zero to provide location details to law enforcement, ambulance and fire brigade in an emergency.

What does the current scenario look like?

The AMTA flagged this issue in November, 2023 – three weeks before Vodafone started phasing out its 3G network from December 15. AMTA CEO Louise Hyland had previously stated that customers have to act immediately if they have an older mobile device that still connects to a 3G network, which hasn’t been upgraded. It has listed 20+ common devices that are likely to be affected by the 3G closure.

The government is closely monitoring the transition. As mentioned, there are various options in law, which include potential proposals to delay the 3G switchovers. Telstra is next in line to shut down its 3G networks, and working closely with other mobile network operators, the ACMA (Australian Communications and Media Authority) and the federal government to manage Australia’s transition from 3G to 4G. The switchover is crucial for the connectivity and future productivity of the country, to be achieved via increased speed, efficiency, and capacity. As per their spokesperson, 3G now accounts for only 1% of Telstra’s mobile network traffic. Many of their customers had begun upgrading their mobile devices ever since the 3G shutdown was announced 5 years ago.

With 740,000 customers about to be impacted by the 3G shutdown, will the government step in to delay the switchover? Communications Minister Michelle Rowland has assured Australians of a safe transition. As per the latest update an inquiry has been initiated due to the Senate voting in favor of a One Nation motion into the 3G mobile network shutdown. One Nation Senator Malcolm Roberts stated that telcos have to delay the 3G sunset till the inquiry is complete and it is 100% certain that Australians are ready for the switch.

The 3G network shutdown has already begun in Australia, with Vodafone kicking it off on December 15, 2023. Rival telco Telstra will switch off its 3G network on June 30, 2024, while Optus has set a date for the switch-off as September 2024.

How does the 3G shutdown impact security of businesses?

The 3G sunset has a considerable impact which includes business disruptions, regulatory compliance, increased vulnerabilities, data privacy concerns, and hacker exploitation. Threats arising due to outdated protocols could expose sensitive data and compromise the integrity of operations. Take a look:

• The 3G shutdown can expose systems to cyber threats as many businesses still use 3G networks. As they are phased out, security patches and updates for these systems may stop, giving hackers an excellent opportunity to attack.
• The process of transitioning from 3G to newer networks introduces vulnerabilities that cybercriminals may exploit. During this period, devices are generally more susceptible to attacks as they adapt to new network configurations.
• Older devices might not be compatible with 4G/LTE, so transitioning would be problematic.
• The encryption protocols used in 3G networks might not be as robust as those in newer networks. Inadequate encryption can lead to unauthorized access and interception of sensitive data.
• Phishing and social engineering have become common these days – cybercriminals con people by posing as representatives of network providers, giving phony upgrade alternatives or providing false information. Users could be tricked into installing malware or giving out personal details via social engineering attacks.

Why upgrade to 4G/LTE?

People are still asking – is 3G still available in Australia? It is, in limited capacity, but the 3G shutdown (Australia) for major telcos is imminent in 2024, so it is advisable to make the switch immediately. The 4G/LTE network offers a range of benefits that significantly enhance your security system’s performance and reliability:

Faster Communication

4G technology provides quicker data transfer, ensuring that your information is transmitted within seconds.

End-to-End Encryption

All data transmitted over the network is encrypted, providing a secure communication channel.

Improved Authentication

Advanced authentication mechanisms are implemented to safeguard against unauthorized access. 

Future-Proof Security

As 3G networks are gradually being phased out, upgrading to 4G ensures that your device remains up-to-date and compatible with the latest advancements.

How to secure 4G networks?

Rather than researching the exact date of when will 3G be turned off in Australia, it is time to start preparing for the future:

Understand the risks 

The first step to securing your 4G networks is to understand the risks and potential impact of a security breach. You should conduct a thorough risk assessment to identify the most critical assets, likely threats, and effective countermeasures. You should also monitor the network performance, traffic, and anomalies to detect any signs of malicious activity.

Encrypt the data

Encryption ensures that even if data is somehow accessed by unauthorized parties, it remains unreadable, while authentication verifies the identity and integrity of the devices and users. Strong encryption algorithms and keys are used to implement mutual authentication between the network elements and the devices.

Implement firewalls and VPNs 

Implementing firewalls and VPNs (Virtual Private Network) are a must, in order to control the access the traffic of your 4G networks. Firewalls filter the incoming and outgoing traffic based on predefined rules and policies, and block any unauthorized or suspicious connections. VPNs create a secure channel between devices and the network, while encrypting data in transmit. You have to configure the firewalls and the VPNs according to the network requirements and the security standards.

Updating and patching software

There will inevitably be bugs and vulnerabilities that hackers can exploit to compromise the network. You should regularly check for the latest updates and patches from the vendors and providers, and install them as soon as possible – they can easily fix these issues.

Training consumers

Users are generally the weakest link in the security chain, as they could fall victim to phishing, malware, or cyber attacks. Provide users with clear and simple guidelines on how to use the network safely and securely, and the process of reporting any incidents or issues.

Review and audit security measures 

It is very important to review and audit the security of 4G networks consistently. Evaluate the effectiveness and efficiency of security measures and policies, while identifying r weaknesses. Conduct regular audits and tests to verify the compliance and the performance of the network security, and make any necessary adjustments or improvements.

Security Features of 4G/LTE Upgrades

Authentication and Encryption

4G networks make use of mutual authentication between the user device and network. The device always verifies the network’s identity and vice-versa, via keys and certificates. Data transmitted over air interface is encrypted using strong encryption algorithms like Advanced Encryption Standard (AES). This encryption ensures that even if data is intercepted, it remains unreadable without the decryption keys. There is another type of authentication where Subscriber Identity Module (SIM) or Universal Subscriber Identity Module (USIM) cards are used. They store cryptographic keys and play an integral role in ensuring no one gets access to the network except authorized users. 

Key Management

Robust key management protocols are used to securely handle encryption keys, ensuring their confidentiality and preventing unauthorized access to these critical keys.

Segmentation

Virtualization technologies separate different network services, preventing security breaches from spreading across the entire network if one segment is compromised.

Protecting Integrity

Using Hash-based Message Authentication Code (HMAC), integrity protection is established, to ensure that the data being transmitted is authentic and hasn’t been tampered with. Device integrity lets only authorized and verified software components get loaded during the boot-up process, so no malicious code can be executed. Internet Protocol Security is also implemented for secure communication between network elements, thus providing a secure channel for data transmission within the LTE network. 

Improved Privacy Protocols

It is necessary to protect location privacy of users; temporary identifiers are often used instead of static identifiers – these make it tougher to track a user’s movements. For subscriber identity privacy, temporary mobile subscriber identity (TMSI) and pseudonymization are used to hide the actual identity, thus reducing the risks associated with tracking. 

Firewalls 

Mobile networks implement firewalls and Intrusion Detection Systems for round-the-clock monitoring. They are used to control the traffic entering and exiting the network – you can detect and prevent unauthorized access attempts, malware, and other breaches. There are Access Control Lists too, which are created to specify which devices or users are allowed to access network resources, thus preventing unauthorized access.

Lawful Interception

Rest assured, 4G/LTE networks have protocols in place to support lawful interception. So if there is a chance of data breaches, authorities can monitor communications in compliance with legal requirements. If any threat is detected, they can intervene and take prompt action. When does 3G end in Australia? That is what everyone wants to know! But businesses and consumers have to start preparing beforehand. The former should begin talking to cybersecurity organizations and seek certifications for the upgraded network’s security measures. As of now, the 4G/LTE upgrades will be rolled out in phases for minimal disruptions, but dedicated customer support channels are being established to ensure a smooth transition. Businesses have to train network operators and support staff on the new security protocols and features, without further delay!