Presented at
DEF CON China 1.0 (2019),
May 31, 2019, 12:30 p.m.
(20 minutes)
Public warning system (PWS) based on mobile communication system is used to alert the public to emergency events such as earthquakes, tsunamis, hurricanes, etc. We carefully study the PWS in LTE network and uncover the vulnerability of PWS in LTE air interface, i.e., the warning messages of the PWS are not encrypted or signed when they are transmitted over the air. Thus, it is possible that malicious PWS warning messages can be transmitted.
We simply use a low cost soft define radio (SDR) device and modify not much code of the LTE open source project srsLTE in order to forge the warning messages. Both Apple and Android test mobile phones are affected by our forged warning messages.
Fake PWS warning messages will cause serious panics among the population, they also could be used to send advertising or spam messages. The public warning system may become paralyzed and useless under the threat of the abuse of fake warning messages.
Presenters:
-
Yuwei Zheng
Yuwei Zheng is a senior security researcher from 360 technology. He focuses on the security issues of embedded hardware and IOT systems. He was the speaker of DEFCON, HITB and BlackHat.
-
JingLi Hao
JingLi Hao is a researcher of 360 Security Research Institute, member of Unicorn Team, satellite hacker
-
Weiguang Li
- LTE Security Researcher from 360 Technology
Weiguang Li is a mobile network security researcher from UnicornTeam of 360 Technology Co. Ltd in China. He mainly focuses on GSM and LTE security, He is also interested in NB-IOT baseband reverse engineering and software-defined radio development.
WeChat: ColorLight
Links:
Similar Presentations: