Although 5G is faster and more secure than 4G, new research indicates that it still has some vulnerabilities, which poses a certain risk to mobile phone users. Security researchers at Purdue University and the University of Iowa have discovered nearly 12 vulnerabilities, saying they can be used to track victims in real-time, to deceive emergency alerts, to cause panic.
The latest research finds that 5G networks still have certain risks or threats to users’ privacy. It is reported that the researchers expanded their previous findings, created a new tool called 5GReasoner, and found 11 new vulnerabilities. By setting up a malicious radio base station, an attacker can monitor, destroy, or even attack multiple targets. In an attack experiment, the researchers successfully obtained the old and new temporary network identifiers of the victim’s mobile phone and then tracked their location. Even the paging channel is hijacked and a false emergency alert is broadcast to the victim. In some cases, this defect can be used to downgrade cellular connections to older standards that are less secure. Law enforcement officers and capable hackers can launch surveillance attacks on target devices with the help of professional equipment.
Syed Rafiul Hussain, a co-author of the research, said that all of these new attacks can be exploited by anyone with 4G and 5G networking practices and low-cost software radio skills. Given the nature of the vulnerability, the researchers did not publicly release their proof-of-concept exploit code but instead chose to inform the GSMA Association directly.