March 5, 2019

  • Major security flaws in 4G and 5G networks lets anyone listen in on calls, fake text messages and track your location

    5G 1

    It seems not even next-generation 5G networks are safe from security flaws.

    A team of researchers have discovered three new vulnerabilities in both 4G and 5G networks that could allow anyone to intercept your phone calls, fake text messages and track your location.  The study comes as carriers and phonemakers are preparing for 5G networks, which promise faster speeds, to launch around the world.

    Researchers from Purdue University and University of Iowa conducted the study and will present their findings at the Network and Distributed System Security Symposium in San Diego on 26 February.

    'Any person with a little knowledge of cellular paging protocols can carry out this attack,' Syed Rafiul Hussain, one of the paper's co-authors, told TechCrunch.

    The worst of the three attacks, called Torpedo, takes advantage of a flaw in a network's paging protocol.  Paging protocols comprise the system that notifies phones of incoming calls and texts.

    The researchers discovered that if they placed and cancelled a flurry of phone calls over a short time period, it would send a paging message without alerting the phone owner to an incoming call.  In doing so, the attacker is able to track the victim's location.

    To carry out the Torpedo attack, all it takes is a $200 device to place the calls, according to the Telegraph.

    All four major U.S. carriers - AT&T, Verizon, Sprint and T-Mobile, are reportedly affected by the Torpedo flaw.

    Hussain told TechCrunch that one major carrier is also affected by the second flaw, called Piercer.  It's unclear if Torpedo affects mobile providers in the UK as well.

    The Piercer flaw allows the attacker to associate a victim's phone number with their international mobile subscriber identity (IMSI), or a device's 'persistent identity.'  By learning their IMSI, it enables the attacker to further keep track of the user's location.

    The final vulnerability, called IMSI-Cracking, is achieved via a brute force attack, wherein automated software is used to decode encrypted data.  It allows attackers to crack the device owner's IMSI on a 5G network and enables all kinds of snooping, including those used by 'stingrays,' or tracking devices used by police to monitor someone's real-time location.

    What's more, researchers said that more advanced devices can even send fake messages, listen in on phone calls and intercept text messages.

    The flaws were reported to the GSMA, which sets the telecom industry's cellular standards, according to TechCrunch.  GSMA is able to fix the Torpedo and IMSI-Cracking vulnerabilities, while the Piercer flaw can only be fixed by carriers.

    Extracted from: www.dailymail.co.uk