As more mobile carriers around the world switches to Long-Term Evolution (LTE 4G) from GSM/UMTS networks, carriers and users are facing more threats.
“Current LTE networks rely on packet switching, rather than the circuit switching of previous generations of the mobile network. The use of packet switching and the IP protocol (particularly the SIP protocol) may allow for new types of attacks not possible on previous generation networks,” the Computer Emergency Response Team Coordination Center (CERT/CC) at Carnegie Mellon University said.
“Some implementations of LTE networks and mobile applications are currently vulnerable to several issues which may result in loss of privacy, incorrect billing, and data spoofing.”
A group of Korean researchers unveiled the issues, which can end up exploited by attackers to effect DoS attacks against users, spoof phone numbers, obtain free data usage, establish a peer-to-peer network within the mobile network in order to retrieve data from other phones, and silently place phone calls without the user’s knowledge (via a malicious Android app).
Each provider/implementation of LTE may be vulnerable to one or more of these issues, and it’s on them to fix this.
“Each provider must apply updates to their own network as necessary to resolve these issues. However, each provider is vulnerable to a different subset of these issues, so the exact fixes and timelines vary between providers,” CERT/CC advises.
Apple’s devices do not suffer from the flaws, but all Android devices do.
Google did confirm the problem and promised to fix the issue in the November security update for its Nexus devices.
According to the CERT/CC’s T-Mobile and Verizon do not utilize session management, potentially opening up the network to denial of service and peer-to-peer direct communications. In addition to this Verizon’s network may be vulnerable to direct communications through the gateway.