New security flaws emerge with 5G
By MYBRANDBOOK
As 5G faces logistical and technical hurdles, its vulnerabilities are also being discovered almost by the dozen.
Worldwide Researchers are presenting new findings that the 5G specification still has vulnerabilities. And with 5G increasingly becoming a reality, time is running out to catch these flaws.
The researchers are detailing 11 new design issues in 5G protocols that could expose users’ location, downgrade service to old mobile data networks, run up their wireless bills, or even track when they make calls, text, or browse the web. They also found five additional 5G vulnerabilities that carried over from 3G and 4G. They identified all of those flaws with a new custom tool called 5GReasoner.
One purported benefit of 5G is that it protects phone identifiers, like the device's "international mobile subscriber identity," to help prevent tracking or targeted attacks. But downgrade attacks like the ones the researchers found can bump the device down to 4G or put it into limited service mode, then force it to send its IMSI number unencrypted. Increasingly, networks use an alternative ID called a Temporary Mobile Subscriber Identity that refreshes periodically to stymie tracking. But the researchers also found flaws that could allow them to override TMSI resets, or correlate a device's old and new TMSI, to track devices. Mounting those attacks takes only software-defined radios that cost a few hundred dollars.
The 5GReasoner tool also found issues with the part of the 5G standard that governs things like initial device registration, deregistration, and paging, which notifies your phone about incoming calls and texts. Depending on how a carrier implements the standard, attackers could mount "replay" attacks to run up a target's mobile bill by repeatedly sending the same message or command. It's an instance of vague wording in the 5G standard that could cause carriers to implement it weakly.
The researchers note that a limitation of their study is that they didn't have access to a commercial 5G network to test the attacks in practice. But they point out that while GSMA says the attacks are low impact, it still listed the work in its Mobile Security Research Hall of Fame
InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce
In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
ID-REDACT® ensures full compliance with the DPDP Act for Indi
Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...
EXIDE INDUSTRIES LTD.
TP-LINK INDIA PVT LTD.
SAMSUNG INDIA ELECTRONICS PVT. LTD.
CP PLUS INDIA PVT. LTD.
Technology Icons Of India 2023: Amit Chadha
. An influential leader in the engineering services industry for over ...
Technology Icons Of India 2023: Anant Maheshwari
As President of Microsoft India, he is responsible for Microsoft’s o...
Technology Icons Of India 2023: Vijay Shekhar Sharma
Vijay Shekhar Sharma is an Indian technology entrepreneur and billiona...
NIC bridging the digital divide and supporting government in eGovernance
The National Informatics Centre (NIC) is an Indian government departme...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
C-DAC keeps India ahead in IT & Electronics R&D space
Centre for Development of Advanced Computing (C-DAC) is the premier R&...
FORTUNE MARKETING PVT. LTD.
Delhi based Fortune Marketing, An ISO 9001:2008 company, distributes ...
Crayon Software Experts India Pvt Ltd
Crayon helps its customers build the commercial and technical foundati...
SONATA INFORMATION TECHNOLOGY LIMITED
Sonata Software Limited is a leading Modernization engineering company...