Security Flaw Found In LTE Standard

Posted by at 12:08 pm on July 5, 2018

Researchers have recently discovered a new security vulnerability affecting all 4G LTE networks.

The so-called “aLTEr” attack could allow someone nearby to send your phone’s browser to a web site different than the one requested, impersonating your bank’s web site, for example. Similarly, it could trick an app into connecting to a different back-end service.

aLTEr requires that the attacker use $4,000 equipment and be within about a mile of the victim, among other challenges. Although a successful attack is difficult, it could be used against high-value targets such as politicians, military personnel, journalists, employees of corporate rivals, etc.

The flaw is inherent in the LTE standard and unlikely to be fixed. However, because aLTEr relies on DNS spoofing, it can be avoided by only using web sites and services that employ both HTTPS and DNSSEC.

Currently, less than 1% of .com web sites employ DNSSEC, although many high-value sites do use it.

Leave a Reply

Sign Up For Our Newsletter

Sign up to receive breaking news
as well as receive other site updates

Enter your Email


Preview | Powered by FeedBlitz

Log in

Copyright © 2008 - 2024 · StreetCorner Media , LLC· All Rights Reserved ·