Currently used by billions of people, the LTE (Long Term Evolution) was initially termed to standardize the mobile network quality. When a network says that it is 4G LTE, it simply means it is in the process of becoming 4G, which is a promise to achieve greater connectivity and stability, over time. LTE was a substantial improvement over 3G and wasn’t just the improvements in speed but was a solution to fix many security shortcomings in the previous generation mobile communication technology.
With LTE, the mobile network came out with two primary overhauls: proven encryption schemes and mutual authentication between users and base connections. But, this isn’t enough to stop attackers from sending users to malicious websites and fingerprinting the sites while they visit them, as per an article published by Arstechnica.
The mentioned vulnerabilities still survive in the platform, as the LTE standards aren’t effective enough to stop the attackers. The main issue that the current LTE is facing is its weak encryption and the lack of authentication that makes it vulnerable to the attackers. The other chief problems with LTE is its mapping of users across a cellular network, and being prone to leaking the data between the end users and base stations.
The report by Arstechnica mentions that the attacks have some preliminary requirements: expensive radio equipment and the maximum distance of one mile. The vulnerabilities are the result of the faulty design decisions that were taken when LTE was under development, and it is nearly impossible to patch them now. However, there is a trick for users to save themselves: limit visits to the sites that use HTTP Strict Transport Security and DNS Security Extensions.
Thorsten Holz and David Rupprecht, researchers from Ruhr-Universität Bochum, informed that the main consequence of these attacks is the redirection of the network traffic and then later using this redirection for the subsequent attacks.
The researchers revealed that 5G, which is set to replace the current mobile technology in the coming future, will have the par ability to cancel these vulnerabilities. 5G specifications thus will make the integrity assurance mandatory.
GSM Association, which comprises 300 hardware and software company and 800 mobile operators, confirmed the LTE’s vulnerability and promised to include the protection of the integrity of traffic in 5G technology.
These findings will certainly be used to assure the privacy and the security of future mobile communication, and we expect the authorities to take effective countermeasures for the same.
What do you think about the vulnerabilities of LTE? Do share your point of view in the comments. Also, to get instant tech updates, Follow TechNadu’s Facebook page, and Twitter handle.