LTE Flaw Invites Hackers

data security concept: computer, tablet, phone with combination lock on wooden table

LTE (Long Term Evolution)

Recently there has been talk of hackers finding a way in which they can see through your eyes when it comes to your cell phone and websites your browsing.  But how is this accomplished? Through a recently discovered flaw in the Long Term Evolution (LTE) Network.

What is LTE?

LTE is 4G technology that has helped improve the telecommunication experiences by providing speed, efficiency and intelligence. What it does is provide things like more bandwidth, better quality and profile specific services in a manner that isn’t overly expensive. LTE is also the key to creating the “internet of things” which is basically what has been happening over the past couple of years, through the interaction of the internet with technology like toasters, fridges and other home appliances, even cars or  other technologies.
LTE is the opportunity for our internet-interactive devices to evolve with our needs over time and is currently prominent in our smart phones.

How Have Hackers Abused LTE Functionality?

Thanks to a nasty form of attack known as aLTEr, the second layer of LTE which is the data link layer, becomes a joyride for hijackers to preview what is shown on someone else’s screen and gain sensitive information.
aLTEr has the capabilities to redirect your network requests once hijacked via DNS spoofing, bringing you to think your at a secure site location, but actually using a malicious LTE relay. Now as scary as this may seem, it won’t be all that relevant for singular everyday people because to achieve such a hijacking, it would require about $4000 worth of equipment and is limited to a 1-mile radius.
For a visual explanation, click this link to preview a demonstration of the aLTEr attack at work.

Data Link Layer Explained

The data link layer protects data through an encryption process and organizes how users access resources on the network, this in turn also helps to correct transmission errors along the way. The data link layer is located on top of the physical channel which maintains continuous transmission of the data between client and cell tower.

How does aLTEr work?

The manner in which aLTEr functions, is by abusing a design flaw LTE, which means a patch cannot solve this.
aLTEr creates a cell tower which acts as the user it’s attacking. This fake tower takes requests from the user and forwards them to the real cell tower, but in the process modifies some key data points. A user can modify the DNS server requests that are sent to the cell tower, even if they are encrypted. This is possible if you know the original DNS server, which allows you to change which one it requests with a new DNS server target. The reason this can be successful is because this all goes down between the user and the cell tower, masking the alterations from sight of either side.
This means that you can create your own DNS server that points to a web address of another IP.

Practicality

Yes and no. The aforementioned $4000 requirement for the equipment to accomplish such a task is something that would hinder most people. But aside from the price hurdle, there is also such an intense limitation on the radius capabilities that the target would have to be extremely specific, further making this a difficult task to accomplish.
However, the test previewed in the link is a very strongly controlled situation, meaning the capabilities and functionality in a real-world scenario may result in something more or less conductive. Since this is a design flaw, there cannot be a patch to fix such a vulnerability, and the only other option would be to overhaul the LTE protocol, which is also not an option at this point.

So how do you protect yourself?

The easiest and most effective way to protect yourself is to check if the site your using is secure. When using Google Chrome, in the upper left hand side at the beginning of your web address, it will be a green “secure” or red “Not Secure” sign, and if it is red, you may be vulnerable to outside harm. Always ensure the websites your on have a secure label at the top, indicating the certificate of the site is not expired and you are not vulnerable to outside intent.

Don’t Risk It, Secure It

Thanks to a recently enabled update for Google Chrome, it is even easier to understand if a site is secure or not. Take caution when you see a site is not secure and do not risk your personal information on the web to be a victim.

Keep up to date on your technology and it’s vulnerabilities and solutions with RE2Tech. We make I.T. easy!

Have you taken precautions? Is your sensitive information at risk?
Give us a call or send us an email for all your I.T needs! We at Re2tech make I.T. happen!
Phone: 952-223-4422