Flaws in 4G and 5G Networks Can Lead to Spying on Calls and Location

Verizon's 5G logo

Security researchers have discovered flaws within both 4G and 5G networks that can lead to unwanted spying.

As was first reported on Monday by TechCrunch, the team discovered that nefarious individuals can take advantage of the flaw to eavesdrop on a call or track a device’s location. The issues are embedded not just within 4G (LTE) networks, but also in 5G networks as well. That means the issue won’t go away just because your phone connects to a carrier’s 5G network.

“The paper, seen by TechCrunch prior to the talk, details the attacks: the first is Torpedo, which exploits a weakness in the paging protocol that carriers use to notify a phone before a call or text message comes through. The researchers found that several phone calls placed and cancelled in a short period can trigger a paging message without alerting the target device to an incoming call, which an attacker can use to track a victim’s location. Knowing the victim’s paging occasion also lets an attacker hijack the paging channel and inject or deny paging messages, by spoofing messages like Amber alerts or blocking messages altogether, the researchers say.”

That initial attack leads to two additional attacks: “Piercer”, which “allows an attacker to determine an international mobile subscriber identity (IMSI) on the 4G network”, and “IMSI-Cracking”, which “can brute force an IMSI number in both 4G and 5G networks, where IMSI numbers are encrypted”. The flaws within wireless networks mean phone calls and text messages can be intercepted by third-party devices, some called Stingrays.

The security researchers say that a fix is possible, though, and have alerted the trade group GSMA to coordinate further on security protocols moving forward. According to the research paper, these flaws are present in all U.S. service provider’s networks.

This is not the same situation as Apple’s Group FaceTime audio bug, which the company has already fixed in iOS 12.1.4. Even if the eavesdropping issue is a big one.

[via TechCrunch; Research Paper]