New 5G Security Threat Sparks Snooping Fears
By Kate O’Flaherty
5G security concerns are mounting after researchers at Purdue University and the University of Iowa found 11 vulnerabilities in the next generation cellular networks. The threats found by the researchers allow real time location tracking and surveillance as well as the ability to spoof emergency alerts to trigger panic, according to TechCrunch, which first published the research.
5G is hailed as a faster and more secure technology than its predecessors 3G and 4G. Yet the researchers’ tool “5GReasoner” found five additional issues that carried over from 3G and 4G.
One vulnerability that was supposed to be fixed in 5G was the threat from “stingrays”, which present themselves as a cell tower to spy on users. But concerningly, the researchers found that these attacks were still possible in 5G.
Meanwhile, one vulnerability allowed the researchers to get hold of old and new temporary network identifiers of a user’s phone so they could discover the “paging occasion” and use it to track its location. This could also be used by an adversary to take over the paging channel and broadcast false emergency alerts.
The researchers reported that these attacks could be carried out on existing 4G networks and that they were not difficult to perform. In fact, they claimed that all the attacks could be exploited by an adversary with a practical knowledge of 5G and 4G networks and a low cost software defined radio.
The findings have been reported to mobile industry body the GSMA, but the organization told TechCrunch that the issues were “low impact” in practice and it is not clear whether any major changes will be made in response.
This is despite the fact that the researchers’ work is well received and recognized by the GSMA’s “hall of fame.” The researchers say some of the issues they detail can be easily fixed in current 5G but that others call for a change in the protocol.
5G security: An ongoing issue
Of course, security problems in mobile networks is nothing new, but the risk of attack is increasing. Academics, ethical researchers and threat actors will continue identifying vulnerabilities in mobile networks for the foreseeable future, says Patrick Donegan, founder and principal analyst at HardenStance. “That’s always been the case, it’s just that the level of risk has increased so we tend to care a bit more now. It’s a reality that began during the 4G era; it isn’t new to 5G.”
He points out that most 4G vulnerabilities are “very effectively closed off” in the 5G security architecture. However, the structure of 5G is different from 4G, because it relies on distributed network architecture and more widely used IT protocols, which itself creates new issues.
“As consumers, we shouldn’t be expecting that 5G will somehow wipe the slate clean from a security standpoint,” Donegan says.
Cybersecurity expert Ian Thornton-Trump agrees that the distributed nature of 5G is a major risk. “We have heard the story from law enforcement about going dark due to cryptography. How about going dark because of the very distributed nature of 5G?
“If messaging is made of a combination of public and private networks, smart 5G device to smart 5G device tracking message timelines will be an order of magnitude harder. And with great speed comes great abilities to proxy, Tor and torrent across those ephemeral networks.”
It’s therefore no surprise that 5G security concerns are continuing to build as the technology starts to launch around the world. As well as issues with the network itself, experts point out that the many different industries that will take advantage of the technology–such as connected vehicles and healthcare–raise further and more specific security problems.
Oliver Pinson-Roxburgh, managing director at Bulletproof says the latest research demonstrates weaknesses that could allow attackers to detect if a person is in transit, or to target drones.
Sam Curry, chief security officer at Cybereason points out that countries such as Switzerland have slowed or stopped the 5G rollout until they better understand the security impact, “especially around critical infrastructure.”
It’s an extreme measure, but 5G is a risk that must be taken seriously by regulators, the industry and the multiple companies that want to be involved in the ecosystem.