The team of researchers at Purdue University and the University of Iowa have discovered 11 new 5G network vulnerabilities. These areas pose a significant threat to 5G security, and could be potentially exploited by bad actors to compromise organisational and personal security.
How the hacks were discovered
The researchers used a tool called 5GReasoner to uncover the vulnerabilities. The tool was described as “framework for property-guided formal verification of control-plane protocols spanning multiple layers of the 5G protocol stack”.
These “hackable” areas were seen as incredibly easy to exploit, requiring only a working knowledge of 4G and 5G networks. This is understandably concerning as 5G networks are already being rolled out without these security concerns being rectified.
The vulnerable areas will allow an attacker to monitor a user’s uplink and downlink data transmissions, track location, disconnect a user from the network altogether and run down a user’s device battery.
Managing director at Bulletproof, Oliver Pinson-Roxburgh, described these vulnerabilities as a “scary threat” that cannot be ignored.
“In the past, with similar vulnerabilities in software, the argument has been: should we really care if someone knows where a handset is, what is the risk?” Pinson-Roxburgh explained. “In my opinion, this is serious threat as it allows for location tracking to potentially be used discrediting an individual based on location, track and intercept, as well as disconnecting your phone at a time of need. This is especially worrying for high-profile individuals.”
As if these insights weren’t worrying enough, a much more sinister outcome could come from these vulnerabilities. For example, one of the huge benefits of 5G is being touted as advanced automation technology, including vehicles. Some of these vulnerable areas could allow attackers to seriously endanger potential targets.
Robert Ramsden-Board, EMEA vice-president of Securonix, expects mobile networks to pay attention to the problems.
“5G providers should take the necessary steps to secure any weaknesses that could undermine 5G security and privacy protections and put users at risk,” Ramsden-Board said. “However, like the cloud, users will have to be aware of these risks and take any necessary precautions to protect themselves.”
- Get the latest 5G stocks news today
- We reveal how 5G technology works
- What can we expect from 5G smart cities
- 5G dangers: the fact and the fiction
- Will 5G Internet replace fibre broadband?