Do you always want the latest and greatest when it comes to technology?

As the march of communication technology continues, new and innovative tools come out every day that improve our lives and make our data more secure. Well, that’s the theory, anyway.

The reality is that there can be a real “look-before-you-leap” problem when it comes to communication technologies. Just take a look at 5G, for example.

5G is considered to be the next step up in mobile communication. Just how LTE was a massive improvement over 3G, 5G looks primed to change the landscape when it comes to wireless devices completely. With major carriers, including AT&T and Verizon, rolling out their 5G networks later this year, you should know that it might not be quite as safe as advertised…

 

What is 5G?

Just like how LTE (4G) gave us phones that rivaled the speed of wifi networks (about 45Mbps), 5G will be offering superfast internet that is up to 10x (or depending on the marketing, 20x) as fast as we currently have 1Gbps). It will not only give us faster uploads and downloads but also broader coverage and more stable connections.

As 5G is a brand-new technology, it will, for the first few years anyway, exist alongside current 4G networks. But like how standalone 3G started to vanish with the advent of the fifth/sixth generation of mobile phones, 5G will soon become the standard for all devices. Just think, in a few years, you may be looking at your phone thinking, “Ugh, I can only get LTE here? How did people ever survive at these speeds?!”

This technology has applications that go far beyond just being able to watch 4K YouTube with your mobile data. The incredible speed of 5G means that autonomous vehicles will be able to communicate with each other at rapid rates, dramatically improving accuracy and safety. 5G will likely spur a burst of innovation that will result in applications we haven’t even dreamed of yet. It’s incredibly exciting!

 

The Dark Side of 5G

While 5G has countless people pumped, they haven’t gotten all the kinks out of the technology yet.

One of the big marketing pushes about 5G is how much more secure it is over LTE. While this is true in many ways, there are still a lot of holes that could compromise your privacy and security.

For those who are still on LTE networks, you are probably aware of stingrays (AKA, IMSI catchers). These are fake cellphone towers that act as a “man-in-the-middle” between a legitimate tower and your phone. If your phone connects to one, the hackers can use the IMSI to track you and listen in on your conversations.

This vulnerability is one of the reasons why 5G was developed, as it prevents stingrays from stealing IMSI device ID numbers. However, security researchers have found a workaround that completely bypasses this new security measure.

First, there is still enough unencrypted data sent when a mobile device connects to a new cell phone tower that malicious actors could determine the make, model, and operating system of your device. Obviously, not ideal, but also not catastrophic. However, a much more potentially damaging method of hacking your phone’s security was also found using this data leak.

Every device that connects to a wireless signal has a category number. A sophisticated 5G mobile phone has a category number of about 12, while an internet-of-things device like a toaster would only have a one or two. The category number is what signals to a tower the appropriate network for your device. A toaster would likely only need an EDGE (2G) or 3G connection, whereas your phone would want a faster, more data-intensive LTE or 5G connection.

Researchers discovered that they could send out a signal to a 5G device that modifies and lowers the stated category number, forcing it to an LTE or 3G signal rather than the 5G it’s capable of connecting to. If this happens, then your device will become 100% vulnerable to a standard stingray attack, as it will be connected to an LTE signal, no longer protected by the new security measures of 5G.

Thankfully, this isn’t a problem with the overall security of 5G technology. Instead, it’s the carriers’ implementation of the technology that has caused the issue. Hopefully, this will be fixed in the future, but for right now, 21 out of 30 5G carriers around the world are vulnerable to this sort of attack.

 

How ComSec Can Help

The bottom line is that, while security flaws in 5G are being addressed, the fixes just aren’t coming fast enough. 5G networks are no longer theoretical; they are out in the wild! And with phone manufacturers starting to create 5G models of their devices, the technology is going to be taking off fast. And consider this: new vulnerabilities are discovered all the time.

If you’re planning on switching to a 5G network in hopes of shoring up your mobile security, you need to know that the only way you can be sure you’re not compromised is to use a tool like ComSec’s IMSI Catcher Detection Services. We are the exclusive USA providers of IMSI catchers and stingray surveillance detection services, using the OverWatch system. With this system, we can identify illegal IMSI catchers, cellular jamming, rogue base stations, and baseband attacks.

Our IMSI Catcher Surveillance Detection Services are offered as a standalone service, as a business TSCM service package, during contracted Assurance Option services, or included with In-Conference Monitoring Services. And you can be sure that as new technology like 5G continues to spin up, we’re going to be on top of every security flaw to protect your data and privacy.

If you’d like to learn more about IMSI Catcher Detection Services, you can read more here. We also have many other cybersecurity and counterespionage products that will ensure your data stays out of the hands of hackers and other malicious actors. And if you have any questions about cybersecurity, please feel free to contact us today!

 

About the Author:

JD LeaSure ComSec LLCJ.D. LeaSure, CCISM, is the President / CEO of ComSec LLC, a global provider of world class counterespionage and TSCM / Cyber TSCM™ services. www.ComSecLLc.com

 

Please follow and like us:
error