New 5G vulnerabilities could put phone users at risk

Security researchers at Purdue and U. of Iowa confirm what many security experts have long feared: there are serious security weaknesses in 5G that undermine the promised security and privacy protections.

About a dozen vulnerabilities have been identified by the researchers, who report that the bugs can allow a bad guy to track your actual real-time location, send large numbers of people fake emergency alerts to trigger public panic or disconnect a 5G-connected phone from the network altogether.

5G was promised to be a more secure standard than 4G, able even to keep your data and voice safe from "stingrays" that present themselves as cell towers and spy on you.

But, nope. Also researchers say some of the attacks they've newly identified can also be exploited on existing 4G networks.

Worst of all, it's pretty cheap and easy to pull off the new exploits.

"All of the new attacks can be exploited by anyone with practical knowledge of 4G and 5G networks and a low-cost software-defined radio," reports Zack Whittaker [@zackwhittaker] of TechCrunch:

The researchers expanded on their previous findings to build a new tool, dubbed 5GReasoner, which was used to find 11 new 5G vulnerabilities. By creating a malicious radio base station, an attacker can carry out several attacks against a target's connected phone used for both surveillance and disruption.

In one attack, the researchers said they were able to obtain both old and new temporary network identifiers of a victim's phone, allowing them to discover the paging occasion, which can be used to track the phone's location — or even hijack the paging channel to broadcast fake emergency alerts. This could lead to "artificial chaos," the researcher said, similar to when a mistakenly sent emergency alert claimed Hawaii was about to be hit by a ballistic missile amid heightened nuclear tensions between the U.S. and North Korea. (A similar vulnerability was found in the 4G protocol by University of Colorado Boulder researchers in June.)

Another attack could be used to create a "prolonged" denial-of-service condition against a target's phone from the cellular network. In some cases, the flaws could be used to downgrade a cellular connection to a less-secure standard, which makes it possible for law enforcement — and capable hackers — to launch surveillance attacks against their targets using specialist "stingray" equipment.

New 5G flaws can track phone locations and spoof emergency alerts [, photo:]