Newly Discovered LTE Vulnerabilities Could Allow Eavesdropping: Researchers

Newly Discovered LTE Vulnerabilities Could Allow Eavesdropping: Researchers

LTE, although commonly marketed as 4G LTE, isn’t technically 4G

Highlights
  • LTE is widely used around the world and often marketed as 4G
  • LTE vulnerabilities could allow attackers to spoof SMS messages
  • Researchers used code-testing technique called “fuzzing”

As LTE gets ready to make way for 5G, researchers have discovered several flaws in the Long-Term Evolution (LTE) standard, which could allow an attacker to intercept data traffic or spoof SMS messages. LTE, although commonly marketed as 4G LTE, isn't technically 4G, still it is widely used by the telecom operators around the world. LTE can be more accurately described as 3.95G. Given the widespread use of LTE, the latest findings have massive implications and clearly show wireless networks that consumers often take for granted aren't foolproof.

According to a report in ITPro, the researchers from Korea Advanced Institute of Science and Technology Constitution (KAIST) have found a total of 51 flaws in LTE, out of which 36 were previously undiscovered. They will be sharing detailed findings at a conference in May but for the time being they plan to share their research tool with telecom operators and device makers so that these vulnerabilities can be patched. Even though 5G is on the horizon, LTE is still the prominent cellular and data standard around the world.

The researchers discovered these flaws by using a code-testing technique called “fuzzing.” The vulnerabilities discovered by the South Korean researchers range from minor issues to severe flaws that could allow eavesdropping and data manipulation.

“These findings are categorised into five types: Improper handling of (1) unprotected initial procedure, (2) crafted plain requests, (3) messages with invalid integrity protection, (4) replayed messages, and (5) security procedure bypass,” the researchers wrote in a paper. “We confirmed those vulnerabilities by demonstrating proof-of-concept attacks against operational LTE networks. The impact of the attacks is to either deny LTE services to legitimate users, spoof SMS messages, or eavesdrop/manipulate user data traffic.”

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: LTE, 4G LTE, 5G, Long-Term Evolution
The resident bot. If you email me, a human will respond. More
Apple Says 'Sorry' for MacBook Butterfly Keyboard Problems Affecting 'Small Number of Users'
Huawei Y6 Prime (2019) With 19.5:9 Display, MediaTek Helio A22 SoC Launched: Price, Specifications

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com