New critical vulnerabilities discovered in 2G, 3G, 4G, LTE & 5G networks

Researchers at an Abu Dhabi university revealed details about a set of vulnerabilities in the information transfer mechanism that underlies modern telephone networks. According to the report, threat actors can exploit these flaws to deploy denial of service (DoS) and man-in-the-middle (MitM) attacks using a few pieces of hardware.

Experts Evangelos Bitsikas and Christina Pöpper note that these failures can occur in all kinds of scenarios as long as some general conditions are met. In addition, the problems affect all generations of network infrastructure, from 2G to 5G.

Handover is the fundamental mechanism in any modern cellular network implementation, and is described as the process of transferring a subscriber during a call or data transfer session from one base station to another. Handover plays a critical role in establishing cellular communications, especially when the user is on the move.

Generally speaking, the process starts with the user’s device sending data on the signal strength to the network to determine whether a handover is needed; if it is, the network facilitates the switch once a more suitable base station is found. Although signal strength reports are encrypted, their content is not verified, so threat actors could force a device to connect to a base station under their control.

The attack starts from the premise that the original base station cannot process incorrect values in the signal strength report, which increases the likelihood of a malicious handover.

The disadvantage for threat actors is that, before initiating an attack, they must perform a detailed reconnaissance of the target, using a smartphone specially designed to collect data from nearby base stations and make the attack possible. Attackers must then force the victim’s device to connect to the fake base station by transmitting the blocks of service information needed to help the phone connect to the network.

During the experiment, the researchers found that all the devices tested (OnePlus 6, Apple iPhone 5, Samsung S10 5G and Huawei Pro P40 5G) are vulnerable to DoS and MitM attacks, so they believe further research is needed to determine how feasible it is to exploit these flaws on a wide scale.
