Researchers found 4G LTE flaws that can steal user information, location and issue false warnings
According to ZDNet reports, researchers at Purdue University and the University of Iowa after research and investigation found a large number of new vulnerabilities in the 4G LTE network, they can peeping user information, tapping their phones, making the device offline or even false Emergency alert. The researchers described 10 attacks in detail in their response report.
These vulnerabilities can initiate authentication relay attacks by emulating the identities of existing users. While verifying that relay attacks are not new attacks, recent research shows that they can be used to intercept messages, track users’ locations, and prevent them from connecting to the network.
During the study, researchers used a test framework called LTEInspector that helps detect loopholes in LTE radios and networks.
Syed Rafiul Hussain, a member of the research team, said that among the 10 attacks they discovered, they have identified 8 of them with SIMs from four major carriers in the United States. “The root cause of most of these attacks are the lacks of proper authentication, encryption, and replay protection in the important protocol messages.”
Hussain said the vulnerabilities could be used to figure the victim’s device’s location. This will give some criminals a hindrance to the progress of investigations by law enforcement officials through the placement of fake location information.
Another is to send “false alarms” to devices in specific areas, triggering “artificial chaos.” The warning of a ballistic missile in Hawaii in January this year caused quite a stir in the area, except that it was not triggered by a cyber attack, but both had the same impact.
Hussain said they found that a carrier in the United States has never been able to encrypt aircraft information and is most likely to be used by cybercriminals to steal cell phone messages and other sensitive data. However, Hussain did not disclose the company’s name but said the other has been fixed.
The researchers also said that anyone can use the common software radio and open source 4G LTE protocol software to launch these attacks, the cost can be as low as $1,300 to $3,900. However, they will not be released with any proof-of-concept code until the vulnerabilities have been fixed.
While every merchant promises that the upcoming 5G network will become faster and safer, it is clear that 4G LTE will not disappear in the near future, so these loopholes should not be underestimated.