Sign In

Communications of the ACM

ACM TechNews

Security Gaps Identified in LTE Mobile Telephony Standard

View as: Print Mobile App Share:

All devices using the LTE network, including most mobile phones and tablets, are affected by the security gap.

Cyberattackers can identify which websites users visit and reroute them to scam websites by abusing security weaknesses in the LTE mobile telephony standard, researchers at Ruhr-Universitat Bochum in Germany have found. They determined all devices using LTE or 4G are affected, and the weaknesses, which are impossible to close, are still present in the upcoming 5G mobile telephony standard.

Under the 4G and upcoming 5G standards, the payload transmitted via LTE is encrypted, but its integrity is not verified. "An attacker can alter the encrypted data stream and reroute the messages to his own server without alerting the user," warns Ruhr-Universitat Bochum's David Rupprecht.

Attackers can also use special equipment to intercept the communication between the phone and the base station, and reroute the user to a fake website by altering the messages, Rupprecht says.

From Ruhr-University Bochum
View Full Article


Abstracts Copyright © 2018 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account