4G and 5G networks vulnerable to multiple attacks, US researchers find
The researchers are from two US universities: Purdue University and the University of Iowa. They contacted TechCrunch with their findings before officially releasing their paper about the findings.
The team found three ways in which the wireless connections can be compromised. The first one, named Torpedo, exploits the so-called paging protocol, which is used by carriers to locate a device before patching through a call or a message to it.
During the tests, it was discovered that a short burst of calls that are quickly canceled can cause the targeted phone to release a paging message, revealing its location. This, in terms, can give attackers access to the paging channel of the device, which can be then exploited to block messages from reaching the device or sending fake ones to it.
The Torpedo attack can lead to another one with an equally cool name: Piercer. This second attack can grant the wrongdoers access to a phone’s international mobile subscriber identity number (IMSI) on 4G networks. As you can tell from the name, that’s a unique number for every mobile connection that’s used to identify it across the globe. For obvious reasons, that number is encrypted and transmitted between the device and the network as rarely as possible.
The last attack, a variation of Piercer, is called IMSI-Cracking. Again, the name kind of gives away what it’s meant to do. The attack can brute-force the encryption of both 4G and 5G networks to reveal the IMSI numbers of its users.
The researchers stated that these attacks are neither complicated to execute (for hackers’ standards we assume) nor required super expensive equipment. The devices needed to perform the Torpedo attack could be bought for around $200. This type of vulnerability is present on all four major US carriers, the scientists said, while only one US network was susceptible to the Piercer attack.
Of course, the findings were reported to the appropriate authorities, including the carriers themselves, so hopefully, measures will be taken quickly to fix the vulnerabilities.