5G cannot be rushed into implementation. Three new 4G/5G vulnerabilities have been exposed

In 2019, 5G has been promoted in full swing, but the security threats that come with it cannot be underestimated. Because now a group of foreign researchers have discovered three new vulnerabilities in 4G and 5G, which can not only be used to intercept calls, but also track and locate them, which urgently needs more attention.

According to foreign media, the three vulnerabilities discovered are Torpedo, Piercer and IMSI-Cracking attacks, which may affect most 4G or 5G networks in the world. Of course, the degree of impact may vary.

The first Torpedo attack, and the most important one, exploits a weakness in the cellular paging protocol (which carriers use to notify mobile phones before incoming calls or text messages). Making and canceling mobile phone calls in a short period of time can trigger the paging protocol without notifying the target device of an incoming call, allowing the attacker to track the victim's location. Torpedo can also insert or block messages like Amber alerts.

Based on the Torpedo vulnerability, attackers can also advance two other vulnerabilities. Researchers pointed out that the Piercer vulnerability allows attackers to determine the International Mobile Subscriber Identity (IMSI) number on 4G networks.

Another vulnerability, called IMSI-Cracking, can brute-force IMSI numbers on both 4G and 5G networks, even if they are encrypted. This means that even if you have a brand new 5G phone, your calls and location information can be spied on by listening devices like "Stingrays".

It is reported that the four major operators in the United States are currently affected by the Torpedo vulnerability attack, and the radio equipment required to launch the attack costs as little as US$200, which poses a great threat.

Fortunately, the above three vulnerabilities are not permanent defects, but it still takes some time to fix them. Among them, Torpedo and IMSI-Cracking vulnerabilities require the industry cellular standards organization GSMA to provide patch solutions. And the Piercer vulnerability will require operators to intervene and solve it.