FRESH LTE VULNERABILITIES can be exploited by hackers to eavesdrop on calls and text messages, spoof emergency calls and even knock mobiles offline.
Boffins at the University of Iowa and Purdue University uncovered the 10 attack vectors that exploit flaws in three critical protocol operations of the 4G LTE cellular network. One such worrying vulnerability allows hackers to attach a device to the network and use it to spy on the communications of others on the network, as well as track their locations.
Such hacks are known as authentication relay attacks and allow hackers to connect to an LTE network without the needed credentials, as well as to masquerade as a target's device, essentially stitching the victim up for a hack attack they didn't commit.
And there's potential for a hacker to prevent a user's smartphone or LTE-enabled device from connecting to the network by exploiting the flaws.
While such attacks discovered by researchers are often theoretical or done under lab test conditions, eight out of the 10 attack vectors were found to be effective against SIM cards for four of the US' larger telecoms carriers.
"Among the 10 newly detected attacks, we have verified eight of them in a real testbed with SIM cards from four major US carriers," researcher Syed Rafiul Hussain told ZDNet. "The root cause of most of these attacks are the lacks of proper authentication, encryption, and replay protection in the important protocol messages."
Until the vulnerabilities are patched, which one US carrier has reportedly already done, the researchers are keeping the code behind their proof-of-concept attacks quiet, thereby keeping it out of the hands of hackers, especially as attacks could be carried out using open source 4G LTE protocol software.
Such attack vectors are not new, but they do show the extent savvy hackers could wreak havoc if they gained access to the network by exploiting the bugs. And with increasing amounts of devices, such as connected cars, sporting their own LTE connectivity without much in the way of encryption, there's potential for these vulnerabilities to be used to cause all manner of problems.
As the rollout of 4G LTE in the UK expands, addressing such potential security flaws is likely to be a headache for telecoms companies, especially as they already face plenty of scrutiny from the likes of Ofcom. µ
Give noisy sites the (Basil) brush off
Watchdog rules it prevented rivals from competing in online search
EU have a choice, EU know
Though not as wallet-busting as the Galaxy S10