Engineering research uncovers mobile communications security flaw
A multi-institution research group, including Ohio State Assistant Professor of Computer Science and Engineering Chunyi Peng, have discovered several security issues in the current VoLTE (voice-over-LTE) deployment of some U.S. carriers.
VoLTE is a relatively new system that allows voice calls to travel over data networks. More consumers are getting VoLTE service from their carriers, so the recently published research on potential security hacks is timely.
The researchers uncovered several device and network vulnerabilities that can be exploited to disrupt both data and voice signaling. In particular, they find attackers can easily gain free data access, shut down continuing data access, or subdue an ongoing call.
According to Peng, she and her colleagues have notified carriers and a major chipset vendor about the vulnerabilities, and some of them have already been fixed.
For more in-depth coverage, see articles by The Verge and RCR Wireless News.
Earlier this year, Peng and her UCLA colleagues analyzed 3G/4G cellular network MDC systems and discovered significant security vulnerabilities.