A group of scientists has discovered three new vulnerabilities in 4G and 5G networks that attackers claimed could intercept phone calls and track the location of smartphone users.
This is the first time vulnerabilities have been found to have affected both 4G and the emerging 5G standard regarding the use of cell-site simulators by law enforcement agencies, often referred to as "stingrays".
Syed Raiful Husain, Ninghui Li, Elisa Bertino, Mitziu Echeverria, and Omar Chowdhury all contributed to research work entitled "Privacy Attacks to 4G and 5G Cellular Paging Protocols Using Side Channel Information," which describes how These new vulnerabilities could even prevent the latest protection measures in 5G designed to make spying on mobile users difficult.
Researchers will publish their findings at the Network and Distributed Systems Security Symposium in San Diego this week.
Torpedo, Piercer, and IMSI Cracking Attacks [1
965900] 6] The first of the attacks discovered by the group is called Torpedo, which exploits a vulnerability in the paging protocol used by network operators to locate a telephone to notify before a call or text message is received. Researchers found that multiple phone calls made and canceled within a short period of time can trigger a paging message without alerting the target device to an incoming call. An attacker can use this to determine the location of a victim. Once the location of a victim's victim is known, an attacker may hijack the paging channel to feed or deny paging messages.
Once the torpedo attack has been carried out, attackers can launch a piercer attack that allows them to designate an international mobile phone subscriber identity (IMSI) in a 4G network. The IMSI cracking attack can then enforce an IMSI number in 4G and 5G networks, where IMSI numbers are protected by encryption.
These attacks jeopardize even the latest 5G-enabled devices through stingrays, and Hussain points out. All four major US carriers are affected by Torpedo. Attackers can carry out these attacks with $ 200 worth of wireless equipment.
Outside the US, nearly all cell networks are vulnerable to these attacks, including multiple networks in Europe and Asia.
Hussain and the other researchers have reported this Mistakes in the GSMA and the industry that represent mobile operators are likely to fix the errors of torpedo and IMSI cracking first. The repair of the piercer vulnerability is made dependent on the operators, although Torpedo still has priority, since all other errors depend on whether they work.