A new era of mobile connectivity is upon us. In fact, we’ve already put our foot in it. 5G networks are turning on a bit around the world. Faster networks, minimized latencies, new services, and new features. What about security? Operators and infrastructure providers put their hand on the fire, but not all promises seem to be fulfilled. This is affirmed by the results of a study conducted in collaboration by researchers at the University of Iowa with those from Purdue University.
5G and security: protocol vulnerabilities
According to the authors, the protocol used by 5G is currently a chore, with the standard “often defining security and privacy requirements in an abstract manner”, “lack of formal specifications”, the result of compliance tests conducted “only taking into account primitive criteria and without considering the possibility of hostile environments.”
And it is indeed a hostile environment that the research team recreated to prove it by setting up a fake radio station. Taking advantage of a specially developed and baptized tool, 5GReasoner was able to land attacks of different types, targeting one of the smartphones compatible with the technology already available on the market (the model was not disclosed).
The authors were able to disconnect the phone from the mediated network the most classic of denial-of-service (DoS) operations, track its movements in real-time via geolocation and show fake emergency alerts on its screen. The latter is perhaps the most serious of the vulnerabilities reported because if replicated on a large scale could trigger chaos in whole territories: remember what happened in early 2018 when as a result of an error on the displays of residents in Hawaii: A pop-up appeared with the warning of an imminent nuclear attack by North Korea.
Considering how sensitive the issue is and how the methods used to force the weaknesses of the protocol are far from complex, the researchers decided not to go into detail by explaining the problems detected, alerting the GSM Association so that can be remedied. However, a spokeswoman for the organisation said through the TechCrunch website pages that nothing will be done since the risk is “considered null or low impact in practice”. In short, there is no hurry.