The researchers found that, in one case, a carrier did not even encrypt messages rendering them exposed to attack in which an attacker could eavesdrop on SMS and other sensitive data transfers
Four researchers from Purdue University and the University of Iowa working on vulnerabilities of modern 4G LTE cellular networks have discovered 10 new types of attacks. Combined with nine previously known attack methods, these can be used to track device owners, eavesdrop on texts and other sensitive data, and even pose as them on cellular networks and spoof location and other data.
The researchers Syed Hussain, Omar Chowdhury, Shagufta Mehnaz, and Elisa Bertino discovered the vulnerabilities as part of their evaluation of a proof-of-concept 4G LTE penetration testing toolset, called LTEInspector.
“Using LTEInspector, we have uncovered 10 new attacks along with 9 prior attacks, categorized into three abstract classes (i.e., security, user privacy, and disruption of service), in the three procedures of 4G LTE. Notable among our findings is the authentication relay attack that enables an adversary to spoof the location of a legitimate user to the core network without possessing appropriate credentials,” they write.
The major reason behind such loopholes is the shoddy implementation of cellular standards by the network providers. As the telecom business involves configuration of a large range of sub-components, the researchers suggest that the LTE providers are shifty about strict implementation of the cellular standards. Moreover, there is also not much transparency about network security either, they add.
The researchers found that, in one case, a carrier did not even encrypt messages rendering them exposed to attack in which an attacker could eavesdrop on SMS and other sensitive data transfers.The vulnerabilities expose cellular networks to even great dangers. One described exploit allowed tracking of the target just by phone number. Another could hijack SMSes and other messages and send messages to the network posing as the target. This also puts government-run warning systems such as a hurricane warning system under threat.