4G and 5G networks vulnerable to multiple attacks, US researchers find
With the World Mobile Congress going on right now, we’re bombarded with 5G-related news and products even more than usual. One of the features 5G is promising to bring is improved signal security. That might be true, but a team of scientists has discovered that even the newest standard is not flawless, and what’s worse, the same issues they found were present in 4G networks currently used by billions of people around the world.
The researchers are from two US universities: Purdue University and the University of Iowa. They contacted TechCrunch with their findings before officially releasing their paper about the findings.
The team found three ways in which the wireless connections can be compromised. The first one, named Torpedo, exploits the so-called paging protocol, which is used by carriers to locate a device before patching through a call or a message to it.
During the tests, it was discovered that a short burst of calls that are quickly canceled can cause the targeted phone to release a paging message, revealing its location. This, in terms, can give attackers access to the paging channel of the device, which can be then exploited to block messages from reaching the device or sending fake ones to it.
The Torpedo attack can lead to another one with an equally cool name: Piercer. This second attack can grant the wrongdoers access to a phone’s international mobile subscriber identity number (IMSI) on 4G networks. As you can tell from the name, that’s a unique number for every mobile connection that’s used to identify it across the globe. For obvious reasons, that number is encrypted and transmitted between the device and the network as rarely as possible.
The last attack, a variation of Piercer, is called IMSI-Cracking. Again, the name kind of gives away what it’s meant to do. The attack can brute-force the encryption of both 4G and 5G networks to reveal the IMSI numbers of its users.
The researchers stated that these attacks are neither complicated to execute (for hackers’ standards we assume) nor required super expensive equipment. The devices needed to perform the Torpedo attack could be bought for around $200. This type of vulnerability is present on all four major US carriers, the scientists said, while only one US network was susceptible to the Piercer attack.
Of course, the findings were reported to the appropriate authorities, including the carriers themselves, so hopefully, measures will be taken quickly to fix the vulnerabilities.
The team found three ways in which the wireless connections can be compromised. The first one, named Torpedo, exploits the so-called paging protocol, which is used by carriers to locate a device before patching through a call or a message to it.
The Torpedo attack can lead to another one with an equally cool name: Piercer. This second attack can grant the wrongdoers access to a phone’s international mobile subscriber identity number (IMSI) on 4G networks. As you can tell from the name, that’s a unique number for every mobile connection that’s used to identify it across the globe. For obvious reasons, that number is encrypted and transmitted between the device and the network as rarely as possible.
The last attack, a variation of Piercer, is called IMSI-Cracking. Again, the name kind of gives away what it’s meant to do. The attack can brute-force the encryption of both 4G and 5G networks to reveal the IMSI numbers of its users.
Of course, the findings were reported to the appropriate authorities, including the carriers themselves, so hopefully, measures will be taken quickly to fix the vulnerabilities.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: