Researchers at Purdue and the University of Iowa have released an outline of exploits for the LTE protocols that would allow intruders to conduct ten very serious attacks. These attacks include tracking locations, knocking devices offline, spying on calls and text messages, and even faking emergency alerts.
Once intruders are in, they can take advantage of three key protocols (such as attaching a device to the network and maintaining that connection) to conduct authentication relay attacks. This would allow them not just to connect to the network without credentials, but also to masquerade as the victim’s device. The intruder would not only compromise the network, but also frame the victim for the crime committed. Mind you, these aren’t just hypothetical attacks. The researchers tested eight of the ten attacks using SIM cards from four large US carriers.
The problem is with LTE itself, and it is fixable: one of the big US carriers has already fixed it. It’s basically a race against time because you can build the necessary LTE exploit tool for as little as $1,300, so determined intruders could infiltrate a network without needing many resources.