Home Business IT Security Trivially simple denial of service attack for LTE

For much less than $1000, you can totally disrupt LTE communications in your neighbourhood.

Let me start by saying that iTWire in no way condones any behaviour based on the research being reported - it is illegal under all manner of legislation. However, being illegal hasn't stopped the bad guys in the past (nor will it in the future), and being aware of possible illegal behaviour better arms the "good guys."

Recent research has starkly shown that as wireless telephony complexity (and speed) increases, the opportunity for disruption also increases. Almost always, disruption is focussed on signal jamming, and this approach is no exception.

As the research by Dr Jeffrey Reed and his Virginia Tech team shows, LTE is reliant upon a continuous stream of control instructions that make up a tiny part (less than 1%) of the overall communications signal, but without which, the remaining 99% cannot be used.

"Your phone is constantly syncing with the base station" to manage the flow of information, whether it be a telephone call or a web page, said Marc Lichtman, co-author the study. "If you can disrupt that synchronization, you[r device] will not be able to send or receive data."

In the submission to the National Telecommunications and Information Administration, which is considering the use of LTE-based equipment for first'responders (police, fire, ambulance etc), the team concluded, "These comments describe extremely effective attacks can be realized, using fairly low complexity. It would be in the interest of public safety to take measures to reduce the vulnerability of Public Safety LTE, and lower the likelihood of an effective jamming attack."

The team has identified eight significant weaknesses in the LTE configuration, any one of which could bring all communications to and from a targeted base station to a complete halt.

For those interested, a simple device retailing for as little as $US650 could enable the attack with ease when used in conjunction with any laptop computer.

One hopes that those who continue to advocate a wireless-based alternative to Australia's NBN are paying close attention to research such as this.  Things can only get worse.

FREE NETWORKING SERVICES CASE STUDY

As one of the world’s largest social networking services, Facebook handles a lot of user information, and requires input from an astounding range of stakeholders 24 hours a day, 7 days a week — from both inside and outside the business.

Discover how Facebook was helped to connect remote employees, vendors, consultants, and partners to applications and web services quickly and reliably - without risking sensitive data.

GET CASE STUDY!

GET THE IT BUDGET YOU WANT

Explore your Network Treasure Trove to get the IT Budget you want

With Australian businesses projected to spend over $78.7 Billion why does it feel like you can never get the budget you need?.

In most cases your budget will get approved because the proposals are not only technically correct, but also provide good, credible evidence on how the spend aligns with key business objectives.

Did you know that your Network Monitoring tool can help you build a comprehensive business case without an MBA?

HERE ARE 8 TIPS TO GET THE IT BUDGET YOU WANT.

CLICK HERE!

David Heath

joomla statistics

David Heath has over 25 years experience in the IT industry, specializing particularly in customer support, security and computer networking. Heath has worked previously as head of IT for The Television Shopping Network, as the network and desktop manager for Armstrong Jones (a major funds management organization) and has consulted into various Australian federal government agencies (including the Department of Immigration and the Australian Bureau of Criminal Intelligence). He has also served on various state, national and international committees for Novell Users International; he was also the organising chairman for the 1994 Novell Users' Conference in Brisbane. Heath is currently employed as an Instructional Designer, building technical training courses for industrial process control systems.

Connect

 

 

 

 

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities