Security News > 2021 > December > New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G

Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service and man-in-the-middle attacks using low-cost equipment.

The new fake base station attacks, in a nutshell, render vulnerable the handover procedures, which are based on the aforementioned encrypted measurement reports and signal power thresholds, effectively enabling the adversary to establish a MitM relay and even eavesdrop, drop, modify, and forward messages transmitted between the device and the network.

"If an attacker manipulates the content of the by including his/her measurements, then the network will process the bogus measurements," the researchers said.

The attack subsequently involves forcing a victim's device to connect to the false station by broadcasting master information block and system information block messages - information necessary to help the phone connect to the network - with a higher signal strength than the emulated base station.

"Once, the UE is attached to the attacker it could either enter in a camped mode due to a denial-of-service attack and become unresponsive, or the attacker could establish a man-in-the-middle relay building the basis for other advanced exploits."

Difficulty of distinguishing network failures from attacks.

News URL

https://thehackernews.com/2021/12/new-mobile-network-vulnerabilities.html