Vulnerabilities have been discovered in LTE that would make it possible for an attacker to tap into 4G networks for the purposes of spying on and hijacking 4G browsing sessions.
Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.
The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.
Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more