acm-header
Sign In

Communications of the ACM

Home/News/Security Gaps Identified in LTE Mobile Telephony Standard/Full Text
ACM TechNews

Security Gaps Identified in LTE Mobile Telephony Standard

By Ruhr-­niversity Bochum
July 2, 2018
Comments
View as: Print Mobile App Share:
smartphone

All devices using the LTE network, including most mobile phones and tablets, are affected by the security gap.

Cyberattackers can identify which websites users visit and reroute them to scam websites by abusing security weaknesses in the LTE mobile telephony standard, researchers at Ruhr-Universitat Bochum in Germany have found. They determined all devices using LTE or 4G are affected, and the weaknesses, which are impossible to close, are still present in the upcoming 5G mobile telephony standard.

Under the 4G and upcoming 5G standards, the payload transmitted via LTE is encrypted, but its integrity is not verified. "An attacker can alter the encrypted data stream and reroute the messages to his own server without alerting the user," warns Ruhr-Universitat Bochum's David Rupprecht.

Attackers can also use special equipment to intercept the communication between the phone and the base station, and reroute the user to a fake website by altering the messages, Rupprecht says.

From Ruhr-University Bochum
View Full Article

 

Abstracts Copyright © 2018 Information Inc., Bethesda, Maryland, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account