Although more than 5G 4G faster, more secure, but new research suggests it still has some loopholes, leading to cell phone users face certain risks. Purdue University and the University of Iowa researchers have found safe nearly twelve loophole, saying that can be used for real-time tracking the position of the victim, walking deceptive emergency alarm, panic or quietly off 5G connection between the phone and the Internet. In fact, security 5G is only relative to known attacks against vulnerable such as 2G / 3G cellular network protocol attacks.
Research Screenshot ( original PDF link )
However, the latest study found that, 5G network there are still some risks, or pose a threat to the privacy of users. Worse, some of the new tools can also be copied to a 4G network up use.
It is reported that the researchers expanded their earlier findings, to create a new tool called 5GReasoner and found 11 new vulnerabilities. By setting up a malicious radio base station, the attacker can be deployed to target surveillance, sabotage, and even repeated attacks.
In a particular challenge experiments, the researchers successfully won the old and the new victims of phone temporary network identifier, and then expand the track to take its position. Even hijack paging channel, broadcast a false alarm to the emergency victims.
If the vulnerability is exploited by people with ulterior motives, or man-made cause chaos. Previously, Colorado at Boulder researchers have found a similar flaw in 4G protocol.
The second vulnerability is to create "a long time" denial of service condition on the target phone from the cellular network.
In some cases, this defect can be used to make a cellular connection to downgrade to a less secure old standard. Law enforcement officials and competent hacker, can with the help of professional equipment, launch monitors the attack to the target device.
Syed Rafiul Hussain co-author of the new paper, said all those who have practical knowledge 4G and 5G networks, and low-cost software radio skills can be utilized for the above-mentioned new attacks.
Given the sensitive nature of the vulnerability too, researchers did not publicly release its proof of concept exploit code, choosing instead to directly inform the matter to the GSMA Association.
Embarrassing is that, despite the new research has been recognized by GSMA Mobile Security Hall of Fame, but spokeswoman Claire Cranton still insisted that the likelihood of these vulnerabilities being exploited in practice little to almost zero. As for when to expand repair, GSMA exact timetable has not been announced.