Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Bewitched by 4G/LTE? Security Might Break That Spell

What Do 4G/LTE Networks’ Entirely New Infrastructure Mean for Security?

By now, we’ve all seen the uncharacteristically techie ads for 4G/LTE phones and services. Even for those of us who don’t know that LTE stands for Long Term Evolution, the 4G postscript reassures us that we are going to get more, better, and faster. After all, the “Gs” have been part of our vernacular and consciousness for a while.

What Do 4G/LTE Networks’ Entirely New Infrastructure Mean for Security?

By now, we’ve all seen the uncharacteristically techie ads for 4G/LTE phones and services. Even for those of us who don’t know that LTE stands for Long Term Evolution, the 4G postscript reassures us that we are going to get more, better, and faster. After all, the “Gs” have been part of our vernacular and consciousness for a while.

1G brought us the even-in its-own-time, grin-worthy “brick;” and 2G, the enduring clam shell. 3G phones and networks have been all about smartphones and extending voice communications to data and video. And the in-between “Gs” have offered tweaks for call quality and a range of new services.

Benefits of LTE Mobile NetworksBut now, with the bewitching 4G, comes the promise of a near quantum leap rather than just simple improvement. Think downloading and viewing a two-hour movie on your smartphone while riding the bus home—as fast, nay faster, than you can on your home computer. That speeds the essence of the 4G/LTE promise: a multimedia-centric network model and constituent devices that vastly improve the service quality of its predecessors.

That said, does this mean that 4G/LTE networks are based on entirely new infrastructure? Yup, that’s exactly what it means. The cellular or wireless networks of the past were built and optimized for voice communication. Over time, as text and email messages became more popular, the networks—and devices for that matter—were modified to handle the additional traffic.

Today though, multimedia-capable mobile devices are an imperative of every part of our personal and professional lives and we expect them to give us access to everything, everywhere, and in an instant. This type of information urgency has caused the makeup of the wireless network to change to an “all IP” network or one that looks very much like the computer networks we use at work and school. This means that our phones and the entire mobility management infrastructure that makes our iPhone to Android SKYPE calls possible will have IP addresses just like our laptops do on land-based networks today. So the experience of connecting over the wireless or cellular carrier network will be indistinguishable from the one we have over local wifi—what’s not to like about that?

For starters, think about getting a lot more SPAM, since the sources and destinations (i.e., new IPs) will increase by orders of magnitude. This may be a mere nuisance on your hotmail account, but with pay-as-you-use text and data smartphone plans, it could end up costing you serious cash. To boot, there are viruses and botnet infections that are specifically written to make sure your phone is “called” or woken up repeatedly just for the fun of draining the battery. Then, there are the more insidious possibilities that include a critical mass of infected phones that unwittingly participate in denial of service attacks, causing cellular network disruption for legitimate users. Security is also likely to take center stage as smart meters for home, wireless health monitors, and IPTVs join the ranks of 4G connected devices available to us.

But are any of these really unexpected? These are all of the security and service quality challenges that Internet-connected users and network administrators face within terrestrial networks today. So, naturally, the 4G/LTE all IP infrastructure will just extend the attack surface. And while technologies like firewalls, intrusion detection sensors, encryption tools and subscriber protection suites can ameliorate some of the risks, the question now is: What’s available to you from your provider and for your chosen device?

All things considered, 4G/LTE networks are still pretty new—with most of the world’s wireless services carriers only now transitioning. In the U.S., Verizon and Metro PCS offer 4G service. AT&T’s rollout is currently underway and will continue through 2013. If you are planning on making the switch for yourself, your organization, or business, then be sure to ask some questions of your service representative. Understand what steps can be taken to protect device contents and ensure secure connectivity. And know your options for protecting your device—and your wallet—from unwanted connection attempts and gratuitous traffic.

Advertisement. Scroll to continue reading.

4G is the way of the near-term future (in fact there’s even LTE advanced planning underway) and I for one am giddy about the prospects of catching up on email and my favorite TV shows without a single second of train commute wasted. But for me, it will be an all-security-options-“on” ride.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.