A group of researchers has discovered new security vulnerabilities in 4G and 5G networks that, if exploited, would allow hackers to intercept phone calls and locate wireless phone users.
The network faults discovered by a group of researchers at Purdue and Iowa universities not only cover the current 4G LTE standard, but also the next, the famous 5G, which will bring us far-reaching bit rates to what we've used up to now. 'now.
In addition, the 5G standard, which is said to be safer, should thwart the dreaded cell tower simulators, commonly known as stingrays. As a reminder, they exploit the function of phones to connect to the nearest tower. If a stingray is near a government institution or a company, communications will pass through this device, spying voice and data exchanges.
So, 4G or 5G, the new flaws can circumvent the new protections that had to protect us against computer whips, whether they are hackers or under the guise of security agencies.
The authors of the report say that "anyone with any expertise in paging can carry out such attacks, according to the information reported by the website techcrunch.com".
Torpedo
The first possible attack is named Torpedo, which exploits a paging protocol vulnerability that cellular operators use to warn a cell phone user of the arrival (paging) of a message or a call. Thus, placed and canceled calls within a short period of time can trigger a paging message without alerting the recipient's device. The pirate can track and follow the latter as he wishes.
Piercier
This same attack Torpedo opens the door to two other vulnerabilities: Piercier gives access to the international mobile subscription identity (IMSI) in 4G, as well as on a second, the cracking of the IMSI number by brute force technique in 4G and 5G (computer program that uses all possible character combinations until it falls on the correct password).
The authors add that the four major US networks - AT & T, Verizon, Sprint and T-Mobile - are potentially vulnerable to Torpedo. And without revealing which, one of these four networks is vulnerable to Piercier attacks. All that's needed is equipment that costs just $ 200 to conduct a Torpedo attack.
Since wireless networking technologies are the same in North America and around the world, hackers could exploit the same vulnerabilities wherever there are 4G and soon 5G networks.
Given the critical nature of vulnerability discoveries, researchers prefer not to reveal them.