Researchers from Ruhr-Universität Bochum and New York University in Abu Dhabi have discovered serious security flaws in 4G LTE networks that allow hackers to spy on, listen in on, intercept, and disrupt phone calls and text messages.

Given that billions of people rely on 4G LTE networks for cellphone communications, it's a serious issue, and there are no easy fixes. So, don't expect these flaws to be patched out of existence any time soon.  Worse still, the planned 5G networks currently in development may well suffer from the same (or similar) flaws.

Based on their research, the team was able to develop a trio of new attacks that specifically target weaknesses in the 4G LTE architecture.

One of these, dubbed "aLTEr" is a DNS spoofing attack that allows a hacker to become the "man in the middle," intercepting communications, and gives them the ability to spoof alerts, texts, and other messages.

All three of the attacks developed by the team take advantage of weaknesses found in "Layer Two" of the LTE network.

This is the data layer that rests atop the physical channel.  Its function is to maintain wireless communication between users and the network itself, and has an organizational function that (among other things) manages how users access various resources on the network, helping to protect data via encryption and to correct errors in transmission.  Obviously, a hack that can exploit this layer could be devastating indeed.

If there's a silver lining, it lies in the fact that these three attacks are exotic. It would be difficult for a casual or even a fairly determined hacker to execute to any real effect.  Unfortunately, it would be a much easier task for a state-sponsored group to pull off, and that's the big fear here.

Hopefully, since 5G networks are still in the planning stages, something can be done before they're rolled out to limit the effectiveness, or perhaps even negate these new types of attacks, but that remains to be seen.

Used with permission from Article Aggregator