5G protocol is not secure, according to researchers

5G networks
A team of researchers from the University of Iowa and Purdue University has found nearly a dozen security breaches in the 5G protocol, prompting them to write a paper describing both their findings and a security breaching tool they developed called 5GReasoner. (Pixabay)

A team of researchers from the University of Iowa and Purdue University has found nearly a dozen security breaches in the 5G protocol, prompting them to write a paper describing both their findings and a security breaching tool they developed called 5GReasoner. The information has been uploaded to the Documentcloud server.

While has 5G has been widely heralded as the next-generation smartphone protocol, security concerns have arisen. The researchers with this effort have found vulnerabilities that leave users at risk of being tracked, along with several other issues.

The work by the researchers involved building the software tool 5GReasoner, which they used to test the new protocol, finding 11 vulnerabilities. Using 5GReasoner, the researchers set up a radio base station that could be used to attack phones in the nearby vicinity. They report that they were able to obtain network IDs for local phones, which in turn allowed them to discover paging occasions—and that allowed them to see the current location of a phone, which could be used to track the person using it.

Fierce AI Week

Register today for Fierce AI Week - a free virtual event | August 10-12

Advances in AI and Machine Learning are adding an unprecedented level of intelligence to everything through capabilities such as speech processing and image & facial recognition. An essential event for design engineers and AI professionals, Engineering AI sessions during Fierce AI Week explore some of the most innovative real-world applications today, the technological advances that are accelerating adoption of AI and Machine Learning, and what the future holds for this game-changing technology.

The researchers found that they were able to broadcast phony emergency alerts to phones in a given area, and in some cases, were able to track phone activity. Also, they found they could run denial-of-service systems to prevent phones from accessing their designated networks—a scheme that could result in downgraded service, or worse, no service at all.

The research team noted that some of the vulnerabilities could be used for surveillance attack by hackers or law enforcement personnel. They added that all the vulnerabilities they found could be exploited by anyone with a basic knowledge of either 4G or 5G networks—and that it could be done with low-cost software.

The researchers have reported their findings to the GSM Association (GMSA), which is responsible for approving international phone protocols. In response, the GMSA released a note describing the vulnerabilities as nil, or of low impact. They did not mention if the vulnerabilities would be fixed.

Suggested Articles

Power management is critical for many products. One expert advises pushing complexity to areas where energy is less of a concern.

HP leads the pack, but Apple sees 36% surge in notebooks, desktops compared to a year ago

New York City residents moving upstate will give hundreds of towns extra tax revenue to invest in new streetlights with IoT sensors, NYPA foresees