Researchers find DOZENS of security flaws in LTE networks that let attackers eavesdrop on user data and send fake texts
- Researchers used a method called ‘fuzzing’ to find security flaws in LTE networks
- They found 36 vulnerabilities, one of which lets attackers eavesdrop on data
- Other security issues include spoofed texts and cutting off network access
Researchers in South Korea have discovered 36 new vulnerabilities in LTE networks.
The flaws range in severity, but one of the worst examples could allow attackers to eavesdrop on user data traffic.
A team of researchers from the Korea Advanced Institute of Science and Technology conducted the study and their findings are laid out in a new 16-page report.
Scroll down for video
Researchers have discovered 36 new vulnerabilities in LTE networks. The flaws range in severity, but one of the worst examples could allow attackers to eavesdrop on user data traffic
Researchers spotted the vulnerabilities by using a technique called ‘fuzzing.’
This involves sending massive amounts of data, or ‘fuzz,’ to a test subject with the objective of pinpointing security loopholes.
They used a tool called ‘LTEfuzz’ to discover the particular exploits in LTE networks.
‘LTEFuzz successfully identified 15 previously disclosed vulnerabilities and 36 new vulnerabilities in design and implementation among the different carriers and device vendors,’ the report states.
Through a series of proof-of-concept attacks against operational LTE networks, they found a range of vulnerabilities.
One particular attack seeks to disconnect the user from their mobile network, while another sends spoofed SMS messages.
A team of researchers from the Korea Advanced Institute of Science and Technology conducted the study and their findings are laid out in a new 16-page report
Pictured is a graphic breaking down how ‘fuzzing’ operates. Fuzzing involves sending massive amounts of data, or ‘fuzz,’ to a test subject with the objective of pinpointing security loopholes
The third, and perhaps most concerning, security flaw lets attackers manipulate and eavesdrop on user data traffic.
Researchers also found that the security issues can vary based on different factors.
For example, one carrier can have different vulnerabilities on two different pieces of networking hardware.
Additionally, one piece of networking equipment can experience different vulnerabilities when used by two separate carriers.
A comprehensive report detailing the researchers’ full findings will be presented at the IEEE Symposium on Security and Privacy in late May.
The research comes as many carriers are moving to adopt next-generation 5G networks.
5G mobile networks are said by many to be more secure than LTE or 4G networks, but security experts have already identified flaws.
WHAT ARE THE SECURITY FLAWS IN 4G AND 5G NETWORKS?
A team of researchers have discovered three new vulnerabilities in both 4G and 5G networks that could allow anyone to intercept your phone calls, fake text messages and track your location.
The worst of the three attacks, called Torpedo, takes advantage of a flaw in a network’s paging protocol.
Paging protocols comprise the system that notifies phones of incoming calls and texts.
The researchers discovered that if they placed and cancelled a flurry of phone calls over a short time period, it would send a paging message without alerting the phone owner to an incoming call.
In doing so, the attacker is able to track the victim’s location.
To carry out the Torpedo attack, all it takes is a $200 device to place the calls.
The Piercer flaw allows the attacker to associate a victim’s phone number with their international mobile subscriber identity (IMSI), or a device’s ‘persistent identity.’
By learning their IMSI, it enables the attacker to further keep track of the user’s location.
The final vulnerability, called IMSI-Cracking, is achieved via a brute force attack, wherein automated software is used to decode encrypted data.
It allows attackers to crack the device owner’s IMSI on a 5G network and enables all kinds of snooping, including those used by ‘stingrays,’ or tracking devices used by police to monitor someone’s real-time location.