As LTE gets ready to make way for 5G, researchers have discovered several flaws in the Long-Term Evolution (LTE) standard that could allow an attacker to intercept data traffic or spoof SMS messages. Although commonly marketed as 4G LTE, LTE isn't technically 4G and can be more accurately described as 3.95G; it is nonetheless widely used by telecom operators around the world. Given that widespread use, the latest findings have massive implications and clearly show that the wireless networks consumers often take for granted aren't foolproof.
According to a report in ITPro, researchers from the Korea Advanced Institute of Science and Technology (KAIST) have found a total of 51 flaws in LTE, of which 36 were previously undiscovered. They will share detailed findings at a conference in May; for the time being, they plan to share their research tool with telecom operators and device makers so that these vulnerabilities can be patched. Even though 5G is on the horizon, LTE is still the prominent cellular and data standard around the world.
The researchers discovered these flaws by using a code-testing technique called “fuzzing.” The vulnerabilities discovered by the South Korean researchers range from minor issues to severe flaws that could allow eavesdropping and data manipulation.
“These findings are categorised into five types: Improper handling of (1) unprotected initial procedure, (2) crafted plain requests, (3) messages with invalid integrity protection, (4) replayed messages, and (5) security procedure bypass,” the researchers wrote in a paper. “We confirmed those vulnerabilities by demonstrating proof-of-concept attacks against operational LTE networks. The impact of the attacks is to either deny LTE services to legitimate users, spoof SMS messages, or eavesdrop/manipulate user data traffic.”