According to Light Reading, wireless industry insiders believe 5G will be the most secure wireless transmission technology to date. But studies continue to report that researchers continue to find vulnerabilities in the 5G standard. The latest news comes from TechCrunch, a website that reported this week that security researchers at Purdue University and the University of Florida have discovered a number of 5G vulnerabilities, including those that can be used to track the location of victims in real time.
TechCrunch noted that researchers do not plan to publish details of their findings publicly, and that they have notified GSMA, an industry organization representing the Global Wireless Industry Association, of the issue. However, the GSMA said the vulnerabilities found were “judged to be zero or less impactful in practice”.
This is not the first time researchers have reported vulnerabilities in 5G networks. For example, ZDNet reported earlier this year that researchers from the Technical University of Berlin, the Federal Institute of Technology in Zurich and SINTEF Digital Norway had discovered a 5G vulnerability involving how the phone connected to the base station.
In fact, the Electronic FrontLine Foundation, a non-profit group that aims to “defend civil liberties in the digital world,” recently noted that such “cellular base cell simulator” attacks, also known as IMSI-catchers, were relatively common in the 4G era.
But if 5G does become what the industry calls a ubiquitous technology connection, then any security issues will grow accordingly.
“As a consumer, I love the 5G concept because it’s great and I’ll be able to connect to the Internet everywhere. But as a security practitioner, I hate the concept of 5G because we’re going to be connected everywhere. Charles Henderson, IBM’s head of security, told the Wall Street Journal earlier this year.
But participants in the wireless industry are clearly aware of this concern. For example, security researchers at Ericsson, the equipment manufacturer, said in January that the industry had made progress in addressing 5G vulnerabilities, including fake base stations. They said the next version of the 5G standard (R16), to be released early next year, could include a range of other improvements.