A team of researchers have uncovered nearly a dozen 5G vulnerabilities, showing the latest generation may not provide the leap in security we hoped for.
The researchers, from the universities of Iowa and Purdue, were able to perform a range of concerning attacks.
Some examples of attacks the researchers conducted include location tracking, broadcasting fake emergency alerts, and cutting devices off from the 5G network.
With 5G networks expected to proliferate rapidly and be used for ever more critical applications, including remote healthcare and smart cities, you'd expect standards bodies to ensure security is a number one priority.
In their paper, the researchers note that the 5G protocol "lacks a formal specification and hence is prone to ambiguity and underspecification." Furthermore, they claim the current standard "often states security and privacy requirements in an abstract way".
As if the researchers' critique of 5G security wasn't damning enough, they state that conformance test suites only encompass "primitive security requirements lacking both completeness and the consideration of adversarial environments."
Building an adversarial environment
The researchers decided to build their own adversarial environment to prove the point. A fake 5G base station was created alongside a tool called 5GReasoner.
Using this environment, the researchers were able to conduct the aforementioned 5G attacks – including using a DoS (Denial-of-Service) to take a smartphone offline.
Arguably, the most concerning attack the researchers successfully conducted was the broadcast of an emergency message.
The researchers noted how an emergency message could be used to create "artificial chaos" similar to what happened in Hawaii after an accidental emergency alert went out warning of an imminent missile from North Korea.
Wisely, the researchers have not detailed the exact methods they used to conduct the attacks or published any code. They have informed the GSM Association.
Speaking to TechCrunch, GSM Association spokesperson Claire Cranton said the vulnerabilities are "judged as nil or low-impact in practice."
Not exactly the most comforting response.
Interested in hearing industry leaders discuss subjects like this? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam.