High speed wireless and 5G wireless networks continue to present safety failures in various types of implementations. A new study published by US researchers shows how discovered vulnerabilities can be used to leave entire populations or to direct attacks against specific individuals.
A group of researchers from the University of Florida and the State University of North Carolina have published a Paper in which they exhibit more than 100 vulnerabilities discovered in implementations of Red LTE and 5G, showing the safety risks that this type of networks, Despite being more modern, they still present for users.
Academics list a total of 119 security risks, which have found in about seven LTE implementations: Open5Gs, Magma, Openoirinterface, Athonet, SD-CORE, NEXTEPC, SRAN, and in about three 5G implementations: Open5gs, Magma, OpenAirInterface . The different implementations refer to networks that emit mobile connectivity with different characteristics depending on the use case, for example with a different architecture, a different frequency band or differences in latency or capacity.
In the study, entitled «Ransacked: an approach based on the domain for Fuzzing of RAN-CORE LTE and 5G», the researchers point out that “each of the more than 100 vulnerabilities that are analyzed can be used to interrupt persistently all cellular communications (phone calls, messages and data) at the level of the entire city ».
It is therefore dangerous vulnerabilities that a malicious hacker or actor could use to incommunicate a specific region, in addition to acquiring personal information about a specific user.
«An attacker can continuously block the mobility management entity (MME) or the access and mobility management function (AMF) in an LTE/5G network, respectively, simply by sending a single small data package through the network as An non -authenticated user (SIM card is not required, ”he collects the text, showing the relative ease with which one of these attacks could be carried out.
How do they
Regarding the way to break into the network, “several of the identified vulnerabilities are related to buffer overflows and memory corruption errors that could be used as a weapon to violate the Central Cellular Network and take advantage of that access to monitor the location of the cell phone and connection information of all subscribers at the city level and carry out attacks aimed at specific subscribers «.
The study also details the risks involved in the use of femotocells, that is, small stations for domestic or business use that, however, are not commonly used today. “The introduction of domestic use femotocels, followed by GNODEB Base Stations of easier access in 5G implementations, represent an additional change in security dynamics: where before the RAN teams were physically blocked, they are now openly exposed to physical adverse threats” , the researchers indicate.
