New flaws in 4G, 5G allow attackers to intercept calls and track phone locations | TechCrunch

https://techcrunch.com/2019/02/24/new-4g-5g-security-flaws/

The findings are said to be the first time vulnerabilities have affected both 4G and the incoming 5G standard.

So it seems that 5G gets hacked before it is barely deployed to use – but that was pretty much expected as 5G has lots of new technology and is very complex system.

7 Comments

  1. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researchers find new flaws in 4G and 5G letting hackers perform a targeted denial of service attack on a phone and track its location using ~$200 in equipment
    https://techcrunch.com/2019/02/24/new-4g-5g-security-flaws/

    A group of academics have found three new security flaws in 4G and 5G, which they say can be used to intercept phone calls and track the locations of cell phone users.

    https://www.documentcloud.org/documents/5749002-4G-5G-paper-at-NDSS-2019.html

    Reply
  2. Tomi Engdahl says:

    Experts see 5G as defense to ‘Stingray’ spying
    https://thehill.com/policy/cybersecurity/408858-experts-see-5g-as-defense-to-stingray-spying

    Security experts and privacy advocates are hopeful the rollout of the new 5G wireless network could eliminate a glaring surveillance vulnerability that allows spying on nearby phone calls.

    Lawmakers have been pressing the Trump administration to crack down on technology known as “Stingrays,” after it was revealed they were found near federal buildings in Washington D.C. earlier this year.

    The devices, International Mobile Subscriber Identity (IMSI) catchers, allow for unauthorized cellphone surveillance. They are often used by law enforcement to track suspects in cases. But the devices have vexed federal officials who until recently had no way of tracking them, sparking worries about their use by foreign powers.

    5G networks would be less reliant on those towers and also would require new security standards for communications. The new network would be built using smaller cells, which are about the size of refrigerators and located every few blocks.

    Reply
  3. Tomi Engdahl says:

    Privacy-breaking flaws in the 4G and 5G mobile protocols could allow attackers to intercept calls, send fake amber alerts or other notifications, track location and more, according to a research team from Purdue University and the University of Iowa.

    In a paper presented at Mobile World Congress in Barcelona this week, the researchers explained that the issues arise from weaknesses in the cellular paging (broadcast) protocol.

    https://threatpost.com/torpedo-privacy-4g-5g/142174/

    Reply
  4. Tomi Engdahl says:

    Europe is prepared to rule over 5G cybersecurity
    - but does it help when core protocols are weak?

    https://techcrunch.com/2019/02/25/europe-is-prepared-to-rule-over-5g-cybersecurity/

    Reply
  5. Tomi Engdahl says:

    New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers
    https://thehackernews.com/2019/02/location-tracking-imsi-catchers.html

    At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols.

    According to a paper published by the researchers, “Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information,”

    Reply
  6. Tomi Engdahl says:

    ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers
    https://threatpost.com/torpedo-privacy-4g-5g/142174/

    The attack threatens users with location-tracking, DoS, fake notifications and more.

    Reply
  7. Tomi Engdahl says:

    Researchers find 36 new security flaws in LTE protocol
    https://www.zdnet.com/google-amp/article/researchers-find-36-new-security-flaws-in-lte-protocol/?__twitter_impression=true

    South Korean researchers apply fuzzing techniques to LTE protocol and find 51 vulnerabilities, of which 36 were new.

    The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*