BlackHat 2019: Don’t Assume that 5G Networks Can’t Get Hacked

The next few years will see a veritable explosion in the number of connected devices running on super-fast 5G networks. The promise: a vastly improved internet experience than previous generations. And 5G is going to be so locked down that you won’t ever have to give security a thought ever again.

And if you believe that last line, I’ve got a bridge in Brooklyn that I’d like to sell to you.

What’s beyond argument is the proposition that the 5G cellular standard represents a significant break from the past. Internet Protocol is at the center of the network architecture and the applications that run on 5G networks. And whereas earlier generations only performed tasks sequentially, 5G promises considerably higher speeds and little to no latency.

“We know the hype that 5G has today,” said Altaf Shaik, a researcher from the Technical University of Berlin as he addressed a packed ballroom at Black Hat 2019 in Las Vegas on Wednesday. “It’s even bigger than this room.”

5G is “basically for machine communications,” according to Shaik. “Not just phones, but cars and smart homes, different way stations…millions of devices will be scattered around us.”

But with an estimated 18 billion IoT devices expected to be in use worldwide by 2022, the reliability of our mobile networks will assume ever greater importance. Experts like Shaik have reason to be concerned about potential vulnerabilities cropping up; unlike earlier networks that relied on centralized hardware-based functions, 5G’s distributed software-based systems are also potentially more risky.

Compared to previous network generations, Shaik agreed that network security is turning out to be more efficient in 5G and is “definitely better” than in previous generations, particularly when it comes to things like privacy, encryption and authentication. “Security has changed a lot and we should expect that security should be lot stronger in 5G than in 2G,” he said.

Still, he cautioned that vulnerabilities affect both operator infrastructures as well as end-user devices connected to 5G. He demonstrated to attendees how hackers can exploit vulnerabilities just by using low-cost hardware and software platforms.

He set up fake base stations to launch attacks against dozens of devices to discover identifying information about them, including the kind of operating systems they ran. That raises a red flag: If you can find out information about the device and the OS, Shaik said, “you can plan a targeted attack.”

Shaik said he was able to hack into 5G systems and modify settings, changing radio capabilities, removing frequency bands and disabling voice over LTE. In one test, he recounted being able to reduce the connection speed on an iPhone 8.