1(630)802-8605 Ravi.das@bn-inc.net

Just a few days ago, I had written a posting about the latest network protocol to come out, which is known as the “WPA4”.  It will eventually supercede the WPA3 network protocol, which is still so widely used today.  But as I had written in it, don’t look for the WPA4 to be in huge demand any time soon, as it still needs to be put under its Security paces.  Until then, the WPA3 will still be in place, as it has been for the last 15 years or so.

That topic brings up the content to day’s blog.  As I was perusing around the Internet trying to find something to write about, I came across how Cyber attackers are now hijacking what is known as the “LTE” based network.  But, before we get into that, it is first important to review really what an LTE network is about, in case you don’t know.

Specifically, an LTE can be defined as follows:

“Long-Term Evolution (LTE) is a standard for high-speed wireless communication for mobile devices and data terminals . . . It increases the capacity and speed using a different radio interface together with core network improvements.”

(SOURCE:  https://en.wikipedia.org/wiki/LTE_(telecommunication)

To put in simpler terms, an LTE based network can be considered to be an add on to an existing network in order to amplify its capabilities, and high speed communications.  As it can be seen from the definition, the LTE Network is most commonly used in the world of Smartphone technology.

In fact, as you are reading this, take a look at it and see if you can find “LTE” anywhere on your touch screen.  I can see it on my iPhone in the extreme upper left corner, where it says “Verizon LTE”.

Also, you will very often hear terminology such as “3G” and “4G” being bandied about amongst wireless carriers.  This simply refers to the specific generation of network connectivity.  So, 3G means “Third Generation” and 4G means “Fourth Generation”.

As a result, the latest and most advanced wireless protocol that is being used out at there is that of the 4G LTE, which most modern Smartphones have today (I think that my iPhone still might have the 3G, as I have never upgraded it quite yet).  So, when your Smartphone is connected to a 4G LTE, you’re getting the maximum data speed possible with your service, giving you superior download speeds and performance capability.

Obviously, the LTE protocol is much more complex, but this is basically what it is.  Now, back to the question of how it is being hacked into.  Apparently, the LTE is composed of multiple layers, and it is at the second one where the Cyber attackers are taking full advantage of.

According to Cyber security researchers, the attack technique (which is known technically as the “aLTEr”) abuses  the second layer of LTE connectivity called the “Data Link Layer”. This has been designed to protect the flow of data packets going across an LTE connection with encryption.  This second layer also optimizes how resources are accessed on the LTE Network and mitigating any type or kind of transmission errors.

aLTEr has also been specifically designed to hijack Internet browsing sessions, as well as redirect network requests, through a process known in the networking world as “DNS Spoofing”.  In fact, this technique can even be likened to that of a “Man In The Middle Attack”.  For example, this specific attack works by creating a malicious (and covert) cell tower between the victim and a legitimate cell tower. This malicious tower poses as both the legitimate cell tower of the network that the victim is trying to connect to, and at the same time, pretending to be the victim as well.

So thus, as you can see, the malicious cell tower is in between e legitimate cell tower and the user, thus making it a “Man In the Middle”. But what is different about this is that the aLTEr “Man In The Middle” is playing two distinct and separate roles.

Now, once the network connection has been established between the victim’s Smartphone and the legitimate cell tower, the fake cell tower then covertly hijacks the Internet requests that are being transmitted from the Smartphone, and maliciously alters the data packets in this particular connection.

From here, any Internet based requests (or DNS requests) are modified and spoofed, and the victim is then taken to a phony website where he or she is then tricked into submitting their usernames and passwords.

The good news is that aLTEr is a Cyber attack in theory only for the most part at this point in time.  There are two reasons for this:

  • It is estimated that the Cyber attacker would need at least $4,000 worth of specialized equipment;
  • The Cyber attacker has to be within a radius of one mile of a legitimate cell tower in order to carry out this kind of attack;
  • aLTEr so far can be mitigated by those websites that make use of the “HTTPS” protocol (for example, when you access the website of your bank, you will notice this in the URL window).

But, if a Cyber attacker has the financial resources and the brains to carry out this kind of attack, it can still be done, with much careful planning and forethought required first.  It is expected that with the advent of the 5G network, this risk of aLTEr will be non existent.

My thoughts?  As described, this is still mostly in theory.  I wouldn’t get too freaked about it yet. Remember, a Cyber attacker wants to leave no footprints behind, and spending $4,000 would leave some sort of a trail that a forensic expert could very easily pick up on.  But of course, if the Cyber attacker paid for the stuff in Bitcoins, then this is a moot point.

In the meantime, as I have always said, just make sure that you keep updating your Smartphone with the latest firmware and software upgrades/patches.  After all, this is the best that you can do, and who can ask for any better?  Heh, this is what my parents would always tell me when I got my grade cards in high school.