Hackers of India

Femtocells: A Poisonous Needle in the Operator’s Hay Stack

By  Ravishankar Borgaonkar  , Kevin Redon  , Nico Golde  on 13 Oct 2011 @ Hitb Sec Conf

Presentation Material

Abstract

Femtocells are an emerging technology deployed by the operators around the world to enhance 3G connectivity. These secured devices are installed in the customers home and connect the mobile phone to the mobile network operator’s network using an existing broadband connection.

Various researchers (including us) have shown in the past that these devices are not secure and can be hacked. However, nobody has actually investigated the impact of integrating a rouge femtocell to the mobile operator’s core network. In this talk, we will give a short introduction to femtocell technology and show different attacks based on a rogue femtocell.

These attacks can target end-users being logged into a femtocell, femtocell owners as well as network operators.

AI Generated Summarymay contain errors

Here is a summary of the content:

The speaker has identified security issues with femtocells, IOT devices used to provide mobile network coverage in homes and offices. The problems are not specific to one operator or vendor, A single femtocell design flaw allows attackers to root the device and access the network behind it. Although some bugs have been fixed, new ones may still be discovered. The administrator of the femtocell has full power and can potentially launch attacks, such as sending SMS messages or capturing telephone traffic.

The speaker notes that vendors prioritize cost over security features due to market pressures. To provide adequate security, operators must make trade-offs between security and cost. The group did not break the GSM SIM encryption key (KI) but rather used the SIM card to authenticate themselves, allowing them to send SMS messages and access the network.

Due to legal constraints, the speaker was unable to publish their findings and tools immediately after a Black Hat talk. However, they expect to make the information available soon. The group’s PowerPoint slides will also be uploaded to the conference website.

In conclusion, femtocells are vulnerable devices that can be exploited for malicious purposes, such as spying on users.