LTE mobile device standard used by millions of users across the globe is designed to fix many of the security shortcomings in the predecessor standard known as Global System for Mobile communications. Now, researchers have discovered faults in LTE that allow attackers to send nearby users to malicious websites and fingerprint the sites they visit.
This attack works because of the weakness built-into the LTE started itself and the most crucial weakness is a form of encryption that doesn’t protect the integrity of the data. Since there is a lack of data authentication, it is possible for an attacker to manipulate the IP addresses within an encrypted packet.
The weakness within the LTE is dubbed as aLTEr and researchers claim that attackers can cause the mobile device to use a malicious domain name system server that, in turn, redirects the user to a malicious server duping as Hotmail. Other two weaknesses involve the way LTE maps users across a cellular network and leaks sensitive information about the data passing between base stations and end users.
The paper published by researchers says that attackers require about $4,000 worth of equipment and must be within one mile of the targeted user. Since the weakness is the result of a design decision made during the LTE specification development, there is no way to patch them now. The again end user can protect themselves by visiting only websites that use HTTP Strict Transport Security and DNS Security Extensions. Researchers said that the attacks would be hard—but by no means impossible.
In a statement, GSMA officials wrote:
The GSMA does not believe that the specific technique demonstrated by the researchers has been used to target users in the past, nor is it likely to be used in the near future. However, as a result of this new research, the GSMA is working with the industry to investigate how to include the protection of the integrity of traffic and information (user plane integrity) in LTE. The 5G standards already include support for user plane integrity protection, and the GSMA is supporting the industry to ensure that it is fully deployed as 5G technology rolls out.