A new research paper from Purdue University and the University of Iowa outlines security flaws in 4G and 5G networks that allow hackers to eavesdrop on phone calls and track users’ locations using their smartphones.
According to one of the co-authors Syed Rafiul Hussain, the attack can be carried out by anyone who is well-versed with cellular paging protocols. The researchers claim that these new attacks can even defeat newer protections that have been put into place claiming “better security,” affecting major US carriers, and Europe and Asia carriers are also vulnerable.
“Any person with a little knowledge of cellular paging protocols can carry out this attack,” Syed Rafiul Hussain, one of the paper’s co-authors, told TechCrunch.
The first of the vulnerabilities, called Torpedo, exploits a weakness in the paging protocol which alerts your phone to incoming calls or texts. By starting and cancelling several calls in quick succession, one can send a paging message to the device without actually triggering an alert. Not only does this leave the door open to blocking or inserting messages, but it can also lead to two more attacks.
These two attacks, dubbed Piercer and IMSI-Cracking, use different methods to achieve the same thing — letting an attacker figure out one’s unique IMSI (International Mobile Subscriber Identity) number which leaves one wide open to remote eavesdropping.
The study comes as carriers and phone makers are preparing for 5G networks, which promise faster speeds, to launch around the world.
A fix for these flaws will require work from the GSM Association (GMA) and carriers, and Torpedo remains the priority as it precursors the other vulnerabilities. For security reasons, the researchers have opted against releasing the proof-of-concept code to exploit the flaws.