The introduction of fifth-generation mobile networkswill significantly improve the quality of communication, ensure high speed data transfer and increase the reliability of protection of confidential data. However, in the process of studying 5G technology, Norwegian scientists identified a vulnerability that could allow third parties to track the user and listen to his conversations.
The results are presented at the Black Hat conference,held in Las Vegas and dedicated to computer security. The vulnerability found is trapped by IMSI (International Mobile Subscriber Identification Number). Attackers buying such a device for only $ 10 can disguise it as a mobile communications tower and receive identification numbers (IMSI and IMEI).
5G technology theoretically suggests thatThe problem of IMSI traps is solved by a more complex encryption scheme, which allows not to store user data in an easily accessible test format. However, specialists from the Norwegian company SINTEF Digital were able to identify several vulnerabilities that allow hackers to use IMSI traps to obtain user data and further monitor his conversations and movements.
Attackers can get information whenhelp a false tower at the time of "registration" of the device at the base station of the mobile operator. During this process, device data in fifth generation networks are not encrypted, just like in 4G. Having received data about the type of device, its manufacturer, the operating system used, and other information, an attacker will be able to identify a specific victim’s gadget.
Attackers can apply the received data.to track the victim’s traffic or, for example, to block the transition to energy saving mode, which will ensure a quick discharge of the device’s battery. Such an application can be useful to criminals who want to de-energize the mobile sensors of security systems.