Can you hear me now? - 36 vulnerabilities in the LTE standard enable data interception

[rcmaehl]

Sources:
ITPro UK

KAIST (Korea Advance Institute)

 

Summary:
Researchers from Korea have discovered several new vulnerabilities in LTE from Denial of Service and Spoofing to data interception

 

Quotes/Excerpts:

Quote

Researchers have discovered a collection of flaws in the...LTE...standard, which could allow an attacker to send spoof messages and intercept data traffic. A team with the Korea Advanced Institute of Science and Technology Constitution (KAIST) have discovered 51 vulnerabilities with the 4G standard, including 15 known issues and 36 previously undiscovered flaws. KAIST researchers used a tool dubbed 'LTEFuzz' to feed large amounts of random data into identified processes to test them for potential anomalies. The vulnerabilities unearthed span a broad spectrum. They range from a flaw that could allow an attacker to disconnect a victim from their mobile network, to one that permits the eavesdropping and manipulation of data. The KAIST team was intrigued by the fact that on the same operator, two core networking components from different vendors could present different vulnerabilities. The same was also true for two components from a single vendor, but deployed across different operators. The full list of vulnerabilities discovered can be found at the foot of the team's 16-page report, which they are planning to present publicly at the IEEE Symposium on Security and Privacy in May. LTE is a networking standard that offers slightly slower speeds than 'true 4G', but is widely used by network operators and marketed as 4G. The KAIST researchers said they have no plans to release their LTEFuzz tool in any public capacity because it can be used for malicious purposes. The team does, however, plan to share LTEFuzz with mobile network operators and device vendors.

 

My Thoughts:
It's interesting to note that vulnerabilities varied between equipment manufacturers and carriers. I'll definitely be listening to a copy of their talk in May to see which are the fault of the carrier, which are the fault of the vendor, and which are consistent across all networks. Regardless, it should be known that if you're sending important, confidential data over mobile data it should be via a VPN or another method of end to end encryption. 

[NunoLava1998]

time to use 56k dialup

[.Apex.]

"Can you hear me now" was creepy af

[Fnige]

Lucky for me, Don't even have a phone at all

[PlayStation 2]

Is this the 36 Chambers that Wu-Tang was referring to?

[Guest]

if you're using LTE for DDOS u better have a pretty damn good phone plan lol

[Brooksie359]

3 hours ago, SlimyPython said:

Lucky for me, Don't even have a phone at all

Lucky for me I have no money or belongings so they cant get anything from hacking. If you dont have money they cant steal it

[Fnige]

9 minutes ago, Brooksie359 said:

Lucky for me I have no money or belongings so they cant get anything from hacking. If you dont have money they cant steal it

Lucky for me, I dont have a life so they cant steal it

[williamcll]

How would this be patched?

[ZacoAttaco]

10 hours ago, rcmaehl said:

Regardless, it should be known that if you're sending important, confidential data over mobile data it should be via a VPN or another method of end to end encryption. 

Always good to have these reminders, most people are ignorant to even sending sensitive data over public Wi-Fi let alone cellular, I guess signal would be the recommended messenger for sensitive types of data, it's supposed have very strong emphasis on robust encryption and security.

 

I can't help but imagine, data interception over LTE wouldn't be easy. But I really don't know enough to speak with authority on it. Interesting stuff as always @rcmaehl

[captain_to_fire]

This reminds me 

 

[Bananasplit_00]

So what about lte advanced? Is that also hit by this? 

[rcmaehl]

8 hours ago, captain_to_fire said:

This reminds me 

 

Yep, even 5G vulnerabilities recently discovered. Looks like the transition between network generations has brought all the netsec guys out of the woodwork.

[mr moose]

Wasn't there always an issue with all mobile phones because of stingray or some other MIM hardware?

[rcmaehl]

9 hours ago, mr moose said:

Wasn't there always an issue with all mobile phones because of stingray or some other MIM hardware?

As far as I'm aware Stingray has only been able to intercept GSM communications, which are mainly phone calls/mms/sms.