Detach Me Not – DOS Attacks Against 4G Cellular Users Worldwide From Your Desk

A denial-of-service attack (DoS attack) is an attack where a machine or network resource is made unavailable by disrupting services of a host connected to the internet. Security specialist Silke Holtmanns from Bell Labs Nokia and other researchers from her group have studied how hackers can conduct DoS attacks on 4G cellular devices around the world. Holtmanns, who has participated in the Finnish Cyber Trust-programme, presented the results of the research at the Black Hat conference in November.

Holtmanns presented different DoS attacks that can affect any platform or device on mobile LTE (Long-Term Evolution) networks: mobile phones, tablets, and devices connected to the IoT. These attacks can disconnect mobile phone users from their network.

“Although the new technique and new communication generation with 4G/LTE is believed to provide better world we need to be awake. LTE with DIAMETER has similar functionality as earlier technique (SS7). The security researchers have provided clear results that we will face similar interconnection weaknesses with LTE/DIAMETER as SS7 if network do not take protection measures.”, says professor Juha Röning, who is the academic coordinator of the Finnish Cyber Trust-programme. Holtmanns’s research was partly funded by the programme.

Ever since the public revelation of global surveillance and the exploits targeting the mobile communication backend, the general awareness of security and privacy in telecommunication industry has increased. Misusing the technical features of mobile core network technology – specifically the Signaling System 7 (SS7) – has disclosed numerous ways to locate, track and manipulate the routine cellular activities of cellphone users. In fact, the SMS-based key recovery mechanism is becoming vulnerable because of the SS7 vulnerabilities.

Many mobile network operators rush to upgrade their networks to 4G/LTE from 2G and 3G, not only to improve the service, but also the security. With relatively more security and privacy features, Diameter protocol – the successor of SS7 in Long Term Evolution (LTE) networks are believed to guarantee more protection to the network itself and to the end-users. However, Diameter inherits many functionalities and traits of the SS7 network and attention need to be paid to proper security measures like filtering. Therefore, some attacks are also possible there e.g. location tracking in LTE by abusing the Diameter-based interconnection.

Read the rest of Holtmanns’s presentation and article here:

The presentation has been reported by international media like Darkroom Reading and Cyberscoop and reddit.

DIMECC Cyber Trust Program creates a foundation for Finnish research and industry to address the needs emerging in the cyber security domain. The program utilizes the strong expertise, extensive knowledge and solid cooperation model in public-private sectors. The consortia consists of 19 companies, and 8 research institutes and universities.


Share on LinkedInGoogle+Tweet about this on TwitterShare on FacebookEmail to someone