Security and privacy issues engulf 3G, 4G and 5G at a time when 5G is making its grand appearance onto the telecommunications market. Researchers have revealed the generation networks can monitor mobile activity and automated profiling if compromised. For nation-state actors, this information can be used to spy on embassy officials and for cybercriminals, it is a profitable opportunity.
IMSI catchers carry out attacks by faking mobile towers. ISMI-catcher devices weaken the performance of Authentication and Key Agreement (AKA) to the point it can access the device’s traffic metadata. The AKA is what provides authentication between the device and network, encrypted. Once compromised hackers can monitor the movements of users of the device as they move from one fake base station to another. It further allows for tracking the location of devices and therefore the users.
Attack on 4G network
An ISMI catcher device itself is an eavesdropping device, made with a mobile device, a radio frequency device and a card reader. Anyone can create this device for as little as $7. Additionally, many demonstration videos are on YouTube. This worryingly makes the generation attacks very easy to carry out, increasing its vulnerability.
Although Researchers did not use this method, this is an example of one of the many ways anyone can create an ISMI-catcher device.
As part of the research, hackers used the following tools to create the device in a number of 4G networks across Europe:
- PC/SC capable smartcard reader;
- Laptop
- Universal Software Radio Peripheral.
5G’s design has a stronger AKA and the added ability to detect and reject IMSI-catcher device attempts. SINTEF Digital Norway however, discovered these attempts were insufficient as it was able to create a new class of ISMI that instead leaked data on the user’s device. It, therefore, bypassed the security efforts. SINTEF Digital Norway reported its findings to the relevant bodies like the 3GPP and the GSM Association. In addition, it reported its findings to network providers like Vodafone UK. 3GPP and the GSM Association are making efforts to remediate the issue before 5Gs second phase. This is at the end of 2019.