
Privacy attacks are a common concern for people when they’re on the Internet, but we often dash away our concerns over privacy attacks happening over the phone. We assume that our calls cannot be intercepted or eavesdropped upon unless a physical wiretap is in place because phones are different than computers, right? Unfortunately, that is an incorrect assumption. Cellular phones have specific broadcast protocols that are standardized internationally, and it is theoretically possible to intercept the signals transmitted on those protocols. These interceptions could happen using devices called IMSI catchers, simply put, fake cell phone towers.
Although fixes are already being developed, this theoretical vulnerability can affect current 3G and 4G protocols, not just the upcoming 5G protocols. The problem arises when a phone authenticates itself on a cellular network using a process called Authentication and Key Agreement (AKA). Communications between a phone and cellular network are encrypted, so it’s not possible to just listen to conversations if you happen to pick the right frequency. Nonetheless, if the encryption is cracked, it’s possible to intercept calls, see certain types of information about the callers, and track the location of phones.
Types of Privacy Attacks to be Aware of
The 5G protocol was designed specifically to thwart IMSI catchers by using a stronger authentication system, and the fixes to the protocol will make it stronger still. Until those fixes are available, though, anything that connects to a cell phone could be a potential target. With the Internet of Things comprising billions of devices, and that number set to skyrocket, a failure to fix the protocol properly could have implications far beyond intercepting one’s cell phone service.
There are three different types of privacy attacks that could potentially reveal information to hackers on a cellular network:
- The first is called ToRPEDO (Tracking via Paging Message Distribution), a type of attack which identifies whether a certain device is inside a specific cell area. An attack like this relies on detecting a victim’s cell phone with a sniffer, so it’s not viable to use in a large area, but small areas that receive a lot of cell phone traffic could be particularly vulnerable.
- The second attack type is called PIERCER (Persistent Information Exposure by the Core Network), and it can identify a person’s phone number. This type of attack also requires a sniffer. Fortunately, 5G networks are not vulnerable to these attacks.
- The third type of attack is called IMSI-Cracking and allows a hacker to decipher a person’s IMSI with a brute-force attack in less than a day. Cracking the encrypted communications line allows attackers the ability to intercept calls or texts, eavesdrop, gather personal information regarding the callers, and track location.
To make things even more complicated, these three types of privacy attacks are linked together. A successful ToRPEDO attack opens up the possibility for a successful PIERCER attack, which in turn offers a chance for a successful IMSI crack. Once someone’s IMSI is uncovered, hackers could potentially send them fake messages or intercept calls. It is possible there are other attack methods on upcoming 5G networks that we haven’t uncovered yet, since the technology is still not fully implemented or tested.
Your Best Line of Defense
While turning off cell phones and abstaining from technology is one way to prevent attacks, that’s clearly not a viable option in our modern, tech-centric world. Switching to a different cell phone network or different smart device carrier won’t make a difference, either. The vulnerabilities have been detected throughout the world on every major network. Your best line of defense is upgrading to 5G technology as soon as it’s available. The fixes being pioneered by the world’s top researchers should successfully address these vulnerabilities.
Cell phone and smart device users cannot prevent these privacy attacks themselves, but they can be aware of their cell phone usage, which is a potent defense. Getting unusual text messages or notifications or on the flip side, not getting notifications when they are expected can be indicators of a breach and should be something to watch out for. Turning off your cell phone when it’s not being used and limiting mobile data usage can also be helpful. As of this writing, the best thing to do is to stay away from places where hackers may have deployed a sniffer, for example, major events, concerts, or places that draw large crowds. If you cannot avoid these places, then your next best option is to turn off your device, even remove the battery if possible.
Privacy attacks can be intimidating, more so when it’s not possible for users to do as much about them as they would like. Responsible data usage can go a long way, just like it does for other kinds of cybersecurity. Don’t click on unfamiliar links that show up on your phone or respond to text messages you’re not expecting. If your cell phone starts acting up in unusual ways, take it to your carrier and ask them to check the device and its settings. Don’t stay connected to untrusted networks any longer than is absolutely necessary and make sure your phone has up-to-date security software.
Remember that the need for data security isn’t new, and there’s no reason to be worried that someone is spying on your every move. Privacy attacks have been possible for decades, and data security has been an issue as long as those attacks have been possible. People are more aware of these security flaws now, ensuring that we will continue to take steps to protect our privacy and data.
The original version of this article was first published on Inspired eLearning.
Tech writer by day, slayer of cyber security ignorance by night.

