Researchers have discovered 4G LTE network vulnerabilities that could allow malicious hackers to eavesdrop on phone calls and text messages, track locations and spoof emergency alerts.
A new paper from researchers at Purdue University and the University of Iowa revealed ten possible attacks that exploit three critical protocol operations of the cellular networking technology.
The flaws potentially allow for authentication relay attacks that let a hacker connect to a 4G LTE network by impersonating an existing phone number.
These types of attacks aren’t new, but this research shows they can intercept messages, track a user’s locations and stop a phone from connecting to the network.
One of the researchers, Syed Rafiul Hussain, who spoke with ZDNet, stated that among the 10 attacks they had detected, the team had verified eight in a real testbed with SIM cards from four major U.S. carriers.
“The root cause of most of these attacks are the lacks of proper authentication, encryption, and replay protection in the important protocol messages,” Hussain told ZDNet.
One of the ways that malicious hackers could use these exploits to their advantage is by planting false location information — i.e. a victim device is made to appear in a different location than where it actually was at a certain time. This has the potential to disturb police investigations.
False emergency notices could also be sent, creating chaos either as a distraction or simply for its own sake. The mistaken emergency alert sent to Hawaiians in January shows just how chaotic and traumatic such an attack could be.
The researchers say hackers could build the tool needed to carry out attacks for as little as $1,300 to $3,900 USD, but won’t release proof-of-concept code until the flaws are fixed.