Research: 5G Networks Still Vulnerable to Location Tracking, Downgrading Attacks

A group of researchers found 11 flaws, several of which would expose a device’s location and when a user calls or sends texts.

While excitement is growing about the potential capabilities of 5G networks on a global scale, researchers are finding that the next generation of connectivity could come with some major security concerns.

During the Association for Computing Machinery’s Conference on Computer and Communications Security in London this week, researchers from Purdue University and the University of Iowa presented 11 security issues in 5G protocols, WIRED reported. Those design issues could have dire consequences for users, allowing hackers to expose a person’s location, track when a user makes calls or sends a text, and downgrade a device’s service to old data networks.

To identify the problems, the researchers used a new custom tool called 5GReasoner. Their research also led them to discover five vulnerabilities that already existed with 3G and 4G networks.

"Since many security features from 4G and 3G have been adopted to 5G, there is a high chance that vulnerabilities in previous generations are likely inherited to 5G, too,” Syed Rafiul Hussain, a postdoctoral security researcher at Purdue who led the study, told WIRED. “Additionally, new features in 5G may not have undergone rigorous security evaluation yet. So we were both surprised and not so surprised by our findings."

While many proponents of 5G say that it can protect phone identifiers and therefore prevent tracking attacks, Hussain and his colleagues found that downgrade attacks can easily bring a device on to an older network to get more information about a device and the user.

In addition, the researchers found that they could get around the latest security practice of giving networks a “Temporary Mobile Subscriber Identity,” or TMSI, that is changed periodically to prevent tracking. Flaws could allow hackers to override those resets or correlate the device’s old and news TSMIs, according to WIRED.

The findings were submitted to the standards body GSMA, which said that the scenarios described by the researchers have been “judged as nil or low-impact in practice.”

“We appreciate the authors’ work to identify where the standard is written ambiguously, which may lead to clarifications in the future," the standards group said in a statement.

Still, the research points out the continued issues in the 5G security framework, which include major risks of users having their locations tracked or their devices downgraded to older networks.

"The thing I worry about most is that attackers could know the location of a user," Hussain told WIRED. "5G tried to solve this, but there are many vulnerabilities that expose location information, so fixing one is not enough."

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3