5. User Equipment (UE):
UEs are the subscriber entry points into the LTE network and are perhaps the weakest element on the LTE architecture as the MNO has least control over its security parameters. In context, UEs can be the gateway for various security vulnerabilities into the LTE service.
Key Security threats/risks:
- Physical attacks
- Lack of security standards & controls on UEs
- Risk of data loss, privacy
- Application layer: virus, malware, phishing
Physical attacks: Smart devices are small and portable and are inherently prone to loss and theft. A smart device or UE can be physically tampered with and used to access and attack the operator’s networks. Subscribers jailbreaking smart devices (hardware or software) compromises the manufacturer’s security settings on the device. The increased intelligence and processing capability of the LTE UE proportionately elevates the sophistication of the possible cyber-attacks from the UE. For example, smartphone zombies could be set up to continuously dial numbers and hang up, using up valuable radio resources in the cell that will eventually adversely affect network performance. [7]
Risk of data loss, privacy: Due to broadband data capabilities, LTE UEs will store more data on the UE than ever before making them attractive targets for attackers. Deloitte reports that 90% of user passwords on LTE devices are vulnerable to hacking in a matter of seconds [8]. Once an attacker can access user data, the subscriber can then become a victim of an array of crimes from identity theft, loss of financial or sensitive personal information, to violation of privacy.
Lack of security standards & controls: A plethora of smart phones, tablets and other 4G LTE devices from numerous manufacturers, with disparate, open and proprietary operating systems (OS) and software, will roam the LTE network. Further, most UEs lack security management tools. MNOs opting to allow unsecured devices to connect to their network provide an entry point for attackers. MNOs in the legacy architecture, limited the selection of ODM/OEM devices connecting to their networks, setting basic security parameters on the chosen UEs. However with the ubiquitous nature of LTE, profit seeking MNOs will move towards inclusion of most UEs from a global subscriber base adopting a permissive, inclusive approach. This brings a weakened security configuration at the LTE edge.
Application vulnerabilities: Since UEs on LTE are essentially IP devices, they are now susceptible to IP based vulnerabilities and attacks. Subscribers who indiscriminately download applications and content expose the UE to viruses, malware, spam, phishing and similar threats that compromise the integrity of the device, bandwidth usage on the MNO network, security of the LTE edge and the subscriber. According to McAfee there was a 4000% increase in mobile malware year over year in 2012 over 2011to just under 37,000 variants [9]. In alignment, attacks on applications on LTE devices are expected to rise. With bandwidth rich applications such as mobile banking, mCommerce and trading, attackers will find vulnerabilities in mobile financial applications attractive targets.
Preventative measures:
- Subscriber education
- Industry security standards & controls on UE
- Antivirus
- Strong authentication, authorisation, OS encryption
Subscriber Education: Subscriber education is the most effective approach to protecting the UE. Informing the user about the risks of damage from unsecure devices will motivate users to keep the UEs physically safe. Informed users can turn off the geo-location features on their devices to protect the privacy of their physical location. MNOs can further emphasize this by transferring accountability for mischief initiated from the UE, and responsibility to protect the UE, to the subscriber via user agreements and associated penalties.
Anti-Virus: UEs like personal computers (PC) are susceptible to viruses, malware and social engineering attacks. Anti-virus programs protect devices from a vast set of virus, malware, spyware and other cyber threats and are constantly updated by vendors. Anti-virus, anti-malware software should be installed on UEs and kept up to date as a basic protection mechanism for the device.
Strong authentication, authorisation, encryption: UEs should have strong authentication mechanisms to verify users accessing the UE. Subscribers should set up strong passphrases on UEs. As a result attackers will no longer have immediate access to the data on the device, even if the device is physically in their possession. Authorisation grants or denies access to resources. The UE can be set up with different access privileges for a user and an administrator. This will offer the UE another layer of access protection. Further, LTE users should be advised to choose devices with OS encryption, remote wipe capabilities, as well opt for encryption of data stored on the device.
Industry security standards and controls: With over 97 manufacturers and 821 UEs accessing the MNO networks [3], MNOs should continue to work through global operators’ consortiums with manufacturers to establish firm security standards and controls on smart devices, align on default security settings on UEs, security management tools and share the burden of educating subscribers on the use of security features on the UE to protect both themselves and the MNO.