Did 5G Kill the IMSI Catcher?
a year ago
- #IMSI Catchers
- #Mobile Networks
- #Cybersecurity
- Mobility in mobile networks is a key feature but also a security vulnerability, especially regarding IMSI catchers.
- IMSI (International Mobile Subscriber Identity) is a unique identifier for SIM cards, containing Mobile Country Code (MCC), Mobile Network Code (MNC), and a unique SIM number.
- IMSI catchers come in two types: active (illegal and detectable) and passive (undetectable and legal).
- Passive IMSI catchers exploit the fact that phones sometimes send IMSIs in cleartext during network registration or reselection.
- 2G and 3G protocols are particularly vulnerable as they send IMSIs in cleartext under certain conditions.
- 4G networks are less vulnerable but still exploitable, especially in areas with older network technologies or at network borders.
- 5G introduces SUPI (Subscription Permanent Identifier) and SUCI (Subscription Concealed Identifier) to encrypt the IMSI, significantly improving security.
- Despite improvements, 5G networks may still be vulnerable due to incomplete deployments or fallbacks to older technologies.
- Users can mitigate risks by prioritizing 5G-SA networks, using airplane mode in low-coverage areas, or employing Faraday bags.
- The development of IMSI catchers has shifted from technical challenges to geographical and deployment-based vulnerabilities.