A team of four researchers from South Korea’s KAIST, the country’s premier tech institution, has discovered 36 new vulnerabilities in 4G LTE that have wide-ranging security and privacy implications. The team laid out their findings in a paper titled “Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane.” The research paper will be formally presented in May at the IEEE Symposium on Security and Privacy.
LTE, or Long-Term Evolution, is the way that most smartphones are connected to the internet, and with 94% of mobile phones in North America connecting through LTE, the impact of this new security finding is far-reaching, to say the least. Notably, the researchers proved that all of these vulnerabilities work in the wild by testing them on real LTE networks. These new vulnerabilities, which include the ability to eavesdrop on and manipulate user data traffic, are much worse than the 4G vulnerabilities revealed in 2018 that allowed spoofing, tracking, and spamming. With unencrypted user data traffic on the line, encrypting your LTE connection with a VPN is the safest way to protect yourself against these vulnerabilities.
New LTE vulnerabilities allow for eavesdropping and manipulating of smartphones
According to the paper, the dozens of new vulnerabilities allow hackers to:
“deny LTE services to legitimate users, spoof SMS messages, or eavesdrop/manipulate user data traffic.”
That last one is particularly concerning. This laundry list of new LTE vulnerabilities underscores a fact long known to network security enthusiasts: mobile networks are not secure by default. Even if all these 51 vulnerabilities are eventually fixed, which they won’t all be, given that many of them have sat discovered and unfixed for several years already, there will still be other privacy issues that rear their heads in 5G, and then 6G. Not to mention that there are still known issues with 2G and 3G.
This whopping security find has already been reported to all of the appropriate entities. The KAIST researchers informed the two leading telecom industry organizations: the 3rd Generation Partnership Project (3GPP) and the GSM Association. They’ve also informed the affected baseband chipset vendors and network equipment vendors. To find these vulnerabilities in LTE, the KAIST researchers used a technique known as fuzzing, even building their own tool, LTEFuzz. The 51 vulnerabilities are documented by the researchers in this Google Doc.
Smartphone users need to use a VPN to encrypt their LTE connections
If you use a VPN on your LTE connection, you’ll be able to encrypt your connection and prevent the worst of the newly discovered LTE vulnerabilities. Specifically, because the flow of data to and from your smartphone would be encrypted, an attacker would not be able to eavesdrop on or manipulate your LTE traffic: any manipulated data would fail authentication at your phone or at the VPN server. While a VPN might not be able to protect you from some of the DDoS vulnerabilities, it would protect your interactions with your favorite apps and, most importantly, your internet history from being eavesdropped on or manipulated.
Don’t 4Get to use a VPN!