Comments on: New flaws in 4G, 5G allow attackers to intercept calls and track phone locations | TechCrunch

By: Tomi Engdahl

Tomi Engdahl — Sun, 24 Mar 2019 11:17:49 +0000

Researchers find 36 new security flaws in LTE protocol
https://www.zdnet.com/google-amp/article/researchers-find-36-new-security-flaws-in-lte-protocol/?__twitter_impression=true

South Korean researchers apply fuzzing techniques to LTE protocol and find 51 vulnerabilities, of which 36 were new.

The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic.

By: Tomi Engdahl

Tomi Engdahl — Tue, 26 Feb 2019 16:55:34 +0000

ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers
https://threatpost.com/torpedo-privacy-4g-5g/142174/

The attack threatens users with location-tracking, DoS, fake notifications and more.

By: Tomi Engdahl

Tomi Engdahl — Tue, 26 Feb 2019 14:36:24 +0000

New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers
https://thehackernews.com/2019/02/location-tracking-imsi-catchers.html

At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols.

According to a paper published by the researchers, “Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information,”

By: Tomi Engdahl

Tomi Engdahl — Mon, 25 Feb 2019 21:56:51 +0000

Europe is prepared to rule over 5G cybersecurity
- but does it help when core protocols are weak?

https://techcrunch.com/2019/02/25/europe-is-prepared-to-rule-over-5g-cybersecurity/

By: Tomi Engdahl

Tomi Engdahl — Mon, 25 Feb 2019 21:54:29 +0000

Privacy-breaking flaws in the 4G and 5G mobile protocols could allow attackers to intercept calls, send fake amber alerts or other notifications, track location and more, according to a research team from Purdue University and the University of Iowa.

In a paper presented at Mobile World Congress in Barcelona this week, the researchers explained that the issues arise from weaknesses in the cellular paging (broadcast) protocol.

https://threatpost.com/torpedo-privacy-4g-5g/142174/

By: Tomi Engdahl

Tomi Engdahl — Mon, 25 Feb 2019 08:53:34 +0000

Experts see 5G as defense to ‘Stingray’ spying
https://thehill.com/policy/cybersecurity/408858-experts-see-5g-as-defense-to-stingray-spying

Security experts and privacy advocates are hopeful the rollout of the new 5G wireless network could eliminate a glaring surveillance vulnerability that allows spying on nearby phone calls.

Lawmakers have been pressing the Trump administration to crack down on technology known as “Stingrays,” after it was revealed they were found near federal buildings in Washington D.C. earlier this year.

The devices, International Mobile Subscriber Identity (IMSI) catchers, allow for unauthorized cellphone surveillance. They are often used by law enforcement to track suspects in cases. But the devices have vexed federal officials who until recently had no way of tracking them, sparking worries about their use by foreign powers.

5G networks would be less reliant on those towers and also would require new security standards for communications. The new network would be built using smaller cells, which are about the size of refrigerators and located every few blocks.

By: Tomi Engdahl

Tomi Engdahl — Mon, 25 Feb 2019 08:52:54 +0000

Zack Whittaker / TechCrunch:
Researchers find new flaws in 4G and 5G letting hackers perform a targeted denial of service attack on a phone and track its location using ~$200 in equipment
https://techcrunch.com/2019/02/24/new-4g-5g-security-flaws/

A group of academics have found three new security flaws in 4G and 5G, which they say can be used to intercept phone calls and track the locations of cell phone users.

https://www.documentcloud.org/documents/5749002-4G-5G-paper-at-NDSS-2019.html