New 4G LTE Network Attacks Let Hackers Spy, Track, Spoof and Spam
Mar 05, 2018
Security researchers have discovered a set of severe vulnerabilities in 4G LTE protocol that could be exploited to spy on user phone calls and text messages, send fake emergency alerts, spoof location of the device and even knock devices entirely offline. A new research paper [ PDF ] recently published by researchers at Purdue University and the University of Iowa details 10 new cyber attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals. The attacks exploit design weaknesses in three key protocol procedures of the 4G LTE network known as attach, detach, and paging. Unlike many previous research, these aren't just theoretical attacks. The researchers employed a systematic model-based adversarial testing approach, which they called LTEInspector , and were able to test 8 of the 10 attacks in a real testbed using SIM cards from four large US carriers. Authentication Synchronization Failure Attack Traceability Attack Nu...
