Article: Our Eye Is on the SPARROW
Author: Reza Soosahabi
Published: September 24, 2021
Site: DARKReading.com
This weeks news: there’s a new way to enable long range communication leveraging other people’s networks by taking advantage of a vulnerability found in MAC layer protocols in 5G and LTE.
Using the cell coverage network, anonymous messages can be sent via short distances that link to enable longer trail of the communication. The vulnerability allows the establishment of these link prior to authenticating the user therefor allowing for anonymity. Specifically the MAC layer (L2) of “wireless access infrastructure” is impacted rather than the physical disruption of the L1 layer of using the other layers of the infrastructure stack (L3-L7).
It’s important to note that “Since commercial wireless signals are available virtually everywhere, exploiting them for data exfiltration can circumvent all existing preventive measures.” Rendering this a rather critical vulnerability.
3 reasons for major concern:
– Max Anonymity
– More distance coverage
– Low power and low complexity
Exploits
– data exfiltration – can serve as a vehicle to known data exfiltration techniques
– command and control – remote control of IoT to trigger events
– clandestine ops – attackers can communicate without detection
I enjoyed this article. I think it’s interesting that this went undisclosed for so long. I wonder how this will affect future iterations of protocol specifications and how drafters will account for security in their designs. I wonder if we’ll see additional fallout from this disclosure as carriers begin further investigations.
It’s inevitable that we will see fall out. More care needs to brought into infrastructure specs. As we move into an ever mobile world, we can’t forget the existing legacy infrastructure. Sometimes the new tech can overshadow the old and professional who are way ahead of the curve lose sight of the basics.