INSUBCONTINENT EXCLUSIVE:
5G is faster and more secure than 4G
But new research shows it also has vulnerabilities that could put phone users at risk.
Security researchers at Purdue University and the
University of Iowa have found close to a dozen vulnerabilities, which they say can be used to track a victim real-time location, spoof
emergency alerts that can trigger panic or silently disconnect a 5G-connected phone from the network altogether.
5G is said to be more
secure than its 4G predecessor, able to withstand exploits used to target users of older cellular network protocols like 2G and 3G like the
use of cell site simulators — known as &stingrays.& But the researchers& findings confirm that weaknesses undermine the newer security and
privacy protections in 5G.
Worse, the researchers said some of the new attacks also could be exploited on existing 4G networks.
The
researchers expanded on their previous findings to build a new tool, dubbed 5GReasoner, which was used to find 11 new 5G vulnerabilities
By creating a malicious radio base station, an attacker can carry out several attacks against a target connected phone used for both
surveillance and disruption.
In one attack, the researchers said they were able to obtain both old and new temporary network identifiers of
a victim phone, allowing them to discover the paging occasion, which can be used to track the phone location — or even hijack the paging
channel to broadcast fake emergency alerts
This could lead to &artificial chaos,& the researcher said, similar to when a mistakenly sent emergency alert claimed Hawaii was about to be
hit by a ballistic missile amid heightened nuclear tensions between the U.S
(A similar vulnerability was found in the 4G protocol by University of Colorado Boulder researchers in June.)
Another attack could be used
to create a &prolonged& denial-of-service condition against a target phone from the cellular network.
In some cases, the flaws could be used
to downgrade a cellular connection to a less-secure standard, which makes it possible for law enforcement — and capable hackers — to
launch surveillance attacks against their targets using specialist &stingray& equipment.
All of the new attacks can be exploited by anyone
with practical knowledge of 4G and 5G networks and a low-cost software-defined radio, said Syed Rafiul Hussain, one of the co-authors of the
new paper.
Given the nature of the vulnerabilities, the researchers said they have no plans to release their proof-of-concept exploitation
However, the researchers did notify the GSM Association (GSMA), a trade body that represents cell networks worldwide, of their
findings.
Although the researchers were recognized by GSMA mobile security &hall of fame,& spokesperson Claire Cranton said the
vulnerabilities were &judged as nil or low-impact in practice.& The GSMA did not say if the vulnerabilities would be fixed — or give a
But the spokesperson said the researchers& findings &may lead to clarifications& to the standard where it written ambiguously.
Hussain told
TechCrunch that while some of the fixes can be easily fixed in the existing design, the remaining vulnerabilities call for &a reasonable
amount of change in the protocol.&
It the second round of research from the academics released in as many weeks
Last week, the researchers found several security flaws in the baseband protocol of popular Android models — including Huawei Nexus 6P and
Samsung Galaxy S8+ — making them vulnerable to snooping attacks on their owners.
Popular Android phones can be tricked into snooping on
