Achilles' heel in 4G LTE wireless standard
Source: Ettus Research
The high-speed wireless data standard LTE can be knocked out across a large area using freely available hardware. The technique is described in a research report from Virginia Tech University which states that jamming an LTE mast's control channel is sufficient to block all data traffic from that mast. Dr Jeffrey Reed, who led the research group, told the MIT Technology Review that this requires a software-defined radio costing just a few hundred dollars.
Depending on population density, this could affect several thousand mobile phone users. In the report, which was prepared for the US National Telecommunications and Information Administration (NTIA), the researchers recommend that the security of LTE's air interface should be improved before it becomes the basis for the national emergency call system; the NTIA advises the White House on telecommunications issues.
The researcher's report describes three attack types based on disrupting different control signals. Although these signals comprise only a tiny fraction of the total data transferred over the network, they are essential for communication between mobile devices and base stations. If they are jammed, the whole of the communication process is disrupted. According to Reed, it's easy to disrupt this signal even today, with the equipment required fitting into a briefcase, and that by amplifying the interference signal, a group of terrorists, for example, could disable LTE across a large area.
If such an attack were to occur today, the consequences would be manageable, since the UMTS, GPRS and GSM networks are still active and would be unaffected. If, however, at some future date they were to be turned off, leaving a pure LTE network, users would not even be able to make phone calls, since LTE is purely IP-based and uses VoIP to make voice calls.
(Uli Ries / crve)