Home Business IT Security Trivially simple denial of service attack for LTE

For much less than $1000, you can totally disrupt LTE communications in your neighbourhood.

Let me start by saying that iTWire in no way condones any behaviour based on the research being reported - it is illegal under all manner of legislation. However, being illegal hasn't stopped the bad guys in the past (nor will it in the future), and being aware of possible illegal behaviour better arms the "good guys."

Recent research has starkly shown that as wireless telephony complexity (and speed) increases, the opportunity for disruption also increases. Almost always, disruption is focussed on signal jamming, and this approach is no exception.

As the research by Dr Jeffrey Reed and his Virginia Tech team shows, LTE is reliant upon a continuous stream of control instructions that make up a tiny part (less than 1%) of the overall communications signal, but without which, the remaining 99% cannot be used.

"Your phone is constantly syncing with the base station" to manage the flow of information, whether it be a telephone call or a web page, said Marc Lichtman, co-author the study. "If you can disrupt that synchronization, you[r device] will not be able to send or receive data."

In the submission to the National Telecommunications and Information Administration, which is considering the use of LTE-based equipment for first'responders (police, fire, ambulance etc), the team concluded, "These comments describe extremely effective attacks can be realized, using fairly low complexity. It would be in the interest of public safety to take measures to reduce the vulnerability of Public Safety LTE, and lower the likelihood of an effective jamming attack."

The team has identified eight significant weaknesses in the LTE configuration, any one of which could bring all communications to and from a targeted base station to a complete halt.

For those interested, a simple device retailing for as little as $US650 could enable the attack with ease when used in conjunction with any laptop computer.

One hopes that those who continue to advocate a wireless-based alternative to Australia's NBN are paying close attention to research such as this.  Things can only get worse.

FREE WHITEPAPER - REMOTE SUPPORT TRENDS FOR 2015

Does your remote support strategy keep you and your CEO awake at night?

Today’s remote support solutions offer much more than just remote control for PCs. Their functional footprint is expanding to include support for more devices and richer analytics for trend analysis and supervisor dashboards.

It is imperative that service executives acquaint themselves with the new features and capabilities being introduced by leading remote support platforms and find ways to leverage the capabilities beyond technical support.

Field services, education services, professional services, and managed services are all increasing adoption of these tools to boost productivity and avoid on-site visits.

Which product is easiest to deploy, has the best maintenance mode capabilities, the best mobile access and custom reporting, dynamic thresholds setting, and enhanced discovery capabilities?

To find out all you need to know about using remote support to improve your bottom line, download this FREE Whitepaper.

DOWNLOAD!

David Heath

joomla statistics

David Heath has over 25 years experience in the IT industry, specializing particularly in customer support, security and computer networking. Heath has worked previously as head of IT for The Television Shopping Network, as the network and desktop manager for Armstrong Jones (a major funds management organization) and has consulted into various Australian federal government agencies (including the Department of Immigration and the Australian Bureau of Criminal Intelligence). He has also served on various state, national and international committees for Novell Users International; he was also the organising chairman for the 1994 Novell Users' Conference in Brisbane. Heath is currently employed as an Instructional Designer, building technical training courses for industrial process control systems.

Connect