Security Flaws Already Found in 5G Technology
5G is the talk of the town, but is it free of security risks?
- By Sydny Shepard
- Feb 27, 2019
5G is shiny, new and the talk of the town when it comes to the next generation of cellular technology, and now that the first 5G-capable phones and networks are starting to roll out experts are sinking their teeth into researching for vulnerabilities and security risks.
Security researchers at Purdue University and the University of Iowa have already poked holes in the months-old 5G technology, discovering three new vulnerabilities in 5G that can be used to track someone's location, intercept phone calls and send fraudulent text messages.
The most critical flaw is called Torpedo and it exploits a flaw in the paging system that notifies your phone of an incoming call or text. If an attacker starts to cancel several calls in a short period of time, they can send a paging message without alerting your phone to a call. Not only does this allow the attacker to track your phone's location and spoof paging messages like Amber and Emergency alerts, but this can also expose your phone to two other attacks: Piercer and IMSI-Cracking Attack.
Piecers allows hackers to determine your phone's unique international mobile subscriber identity (IMSI) on a 4G network. IMSI-Cracking Attack allows hackers to brute-force encrypted IMSI numbers in both 4G and 5G networks.
All four major carriers, AT&T, Verizon, T-Mobile and Sprint are all vulnerable to Torpedo and the worst part is: Torpedo can be carried out with radio equipment that costs as little as $200.
The security researchers reported the flaws to GSMA, the international body that represents the interests of mobile operators worldwide, but in the meantime users must wait for GSMA and companies to patch the flaws.
Sydny Shepard is the Executive Editor of Campus Security & Life Safety.