Back in May 2017, the entire world was stunned by Wannacry ransomware attack. The attack led many giant companies, Governments, as well as individuals taking cybersecurity much seriously. The worldwide cyber attack also lead to many pieces of research about cybersecurity and came up with some vulnerabilities, so as the solutions to counter various kind of hacking. One of these researches has revealed that the present setup in LTE networks has a very weak foundation in terms of network settings. The poor engineering built in the LTE devices can allow hackers to monitor which websites are being browsed on your device.
The research team claimed, there have seen three factors that may get LTE users exposed on the data link layer, or on another layer that manages and ensures access of multiple users into the network resource. The second layer also helps to rectify errors in transmission as well as protects user data by the encryption process.
In order to explain how LTE network is vulnerable to hackers, the research team introduced a non-violent attack demonstrating identity mapping attack and also an active attack called aLTEr which helps hackers to perform network connection redirect using Domain Name System spoofing. Both of these attacks were possible because of the specification loophole in LTE environment.
Nevertheless, these experimental attacks were conducted in a controlled system which was much similar to the real LTE network environment. But, the team believes a little more spoofing or update on the network system can help hackers to perform active cyber attacks easily. Three most possible attacks on this context are as such user identity mapping in a radio cell, monitoring user accessed websites, and lastly redirecting or hijacking the entire LTE network connections.
As of the passive attacks encountered so far, the hackers do not interfere directly with the targetted network. They silently deploy a device that grasp and monitors of the data sent and received by the targetted user over the network. On the other hand, an active attack takes place when the hacker cut off the info sent or received over the network with the help of a replicating device. In such case, the user might think that the replica is his usual service provider and connects to that device thus stepping into the trap. Maintaining both sides, the replica device shows the real network as of genuine user accessing into the network which leads to the next step of exploiting the second LTE network layer.
The research team members Katharina Kohls, David Rupprecht, Christina Popper, and Thorsten Holz from New York University Abu Dhabi and Ruhr-Universitat Bochum, claimed to reach up to 89% of success rate on these attacks. They are planning to conduct the similar attack over commercial real networks that would be more complicated due to the uncontrolled environment and background noise. Success on the real network hacking will ensure the vulnerability of the same.
The research team has notified the admissible institutions as such 3rd Generation Partnership Project, GSM Association, and the Telephone companies on an accountable declaration process before the work is published they claimed.