Home
Telecom
Telecom News
Newly Discovered LTE Vulnerabilities Could Allow Eavesdropping: Researchers

Newly Discovered LTE Vulnerabilities Could Allow Eavesdropping: Researchers

By Gadgets 360 Staff | Updated: 28 March 2019 14:10 IST

LTE, although commonly marketed as 4G LTE, isn’t technically 4G

Highlights

LTE is widely used around the world and often marketed as 4G
LTE vulnerabilities could allow attackers to spoof SMS messages
Researchers used code-testing technique called “fuzzing”

As LTE gets ready to make way for 5G, researchers have discovered several flaws in the Long-Term Evolution (LTE) standard, which could allow an attacker to intercept data traffic or spoof SMS messages. LTE, although commonly marketed as 4G LTE, isn't technically 4G, still it is widely used by the telecom operators around the world. LTE can be more accurately described as 3.95G. Given the widespread use of LTE, the latest findings have massive implications and clearly show wireless networks that consumers often take for granted aren't foolproof.

According to a report in ITPro, the researchers from Korea Advanced Institute of Science and Technology Constitution (KAIST) have found a total of 51 flaws in LTE, out of which 36 were previously undiscovered. They will be sharing detailed findings at a conference in May but for the time being they plan to share their research tool with telecom operators and device makers so that these vulnerabilities can be patched. Even though 5G is on the horizon, LTE is still the prominent cellular and data standard around the world.

The researchers discovered these flaws by using a code-testing technique called “fuzzing.” The vulnerabilities discovered by the South Korean researchers range from minor issues to severe flaws that could allow eavesdropping and data manipulation.

“These findings are categorised into five types: Improper handling of (1) unprotected initial procedure, (2) crafted plain requests, (3) messages with invalid integrity protection, (4) replayed messages, and (5) security procedure bypass,” the researchers wrote in a paper. “We confirmed those vulnerabilities by demonstrating proof-of-concept attacks against operational LTE networks. The impact of the attacks is to either deny LTE services to legitimate users, spoof SMS messages, or eavesdrop/manipulate user data traffic.”

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.