IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

5G networks are vulnerable to hacking

New research uncovers nearly a dozen more flaws in the next generation of mobile network

5G signal on a smartphone

Security researchers from Purdue University and the University of Iowa have discovered nearly a dozen flaws in 5G network technology, which they say can track a victim's real-time location, create false emergency alerts, and discreetly disconnect phones from a 5G network altogether.

The researchers, using their tool called the "5GReasoner", found that 5G is still subject to some of the same exploits as 4G, despite touting a more "robust security posture" than previous cellular network generations.

The 5GReasoner discovered 11 new surveillance and disruption threats to the network by conducting a series of attacks against 5G-connected phones from a radio base station.

In one of these attacks, researchers obtained old and new temporary network identifiers of a victim's phone, which allowed them to track its location through its paging occasion. They could also broadcast fake emergency alerts by hijacking the paging channel, which could lead to "artificial chaos." Both real-time location tracking and false emergency alerts are vulnerabilities shared by 4G and 5G networks.

Another attack discovered a means to create a prolonged denial-of-service condition, which could completely disconnect a target's phone from the network for an extended period of time. It could also downgrade the phone to a less secure connection, leaving it open for law enforcement and other hackers to launch surveillance attacks.

According to one of the co-authors of the new research paper, Syed Rafiul Hussain, anyone with a working knowledge of 4G and 5G networks and a cheap software-defined radio can conduct these attacks.

Warnings over flaws in the Authentication Key Agreement in 5G first arose back in February, with the GSM Association (GSMA), which represents the global mobile communications industry, promising remedial action. The research, however, suggests they have yet to deliver.

The GSMA inducted the researchers into their mobile security hall of fame, but spokesperson Claire Cranton said the vulnerabilities uncovered were "judged as nil or low-impact in practice." The association gave no timeline or certain intention for rectifying the network's flaws.

Hussain told TechCrunch that while some of the fixes can be made in the existing network design, others will likely call for "a reasonable amount of change in the protocol."

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
Delivery firm Yodel disrupted by cyber attack
cyber attacks

Delivery firm Yodel disrupted by cyber attack

21 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022