Small Cells Pose Big Problems

by Jeff Wiener on July 18, 2013

Always searching for viable solutions to the extant spectrum crisis, earlier this year writers here at theTelecomblog.com covered the expansion of small cell technology, effectively network hotspots designed to expand the network footprint and alleviate some of the traffic on the network itself, allowing for carriers to effectively manage more customers.

While at the time the solution struck me as a viable, albeit patchwork, alternative to our growing spectrum pinch, it seems that small cells may not be the wireless salvation we’ve been waiting for, as those small cells pose big security problems. According to Reuters, two researchers from cybersecurity firm iSec Partners have cracked into one of Verizon’s small cells—otherwise known as a femtocell—essentially turning it into a mobile hacking station.

Although Verizon claims to have patched the security vulnerability in its small cells, rumours abound that its not a software issue to begin with, meaning those who employ small cell technology to boost their network signal may have their private communications—calls, SMS, and photos—exposed to hackers.

Small cell technology is quickly becoming a mainstay in many people’s home network infrastructure, and like other such technology, routers for instance; it looks to serve as a potential gateway for hackers to take control of the system if compromised. The really sneaky part of small cell technology, however, is that your phone will automatically connect to one if it’s within range, all without your knowledge.

In a demonstration to Reuters, researcher Tom Ritter and his colleague, Doug DePerry, showed how they were able to eavesdrop on text messages, view photos, and listen to phone calls made with an Android phone and an iPhone on a compromised Verizon femtocell, the details of which will be made public to security industry insiders at next month’s Black Hat and Def Con hacking conferences in Las Vegas.

It’s certainly not hard to imagine the damage such a hacked small cell could deliver, as the strategic placement of a hacked femtocell in a public place would allow hackers access to a wide range of private information as a multitude of phones are automatically routed through it, perhaps even revealing information that might have serious implications for national security.

For its part, Verizon has gone on record stating that this problem has already been addressed. “This is an issue that was fixed in March of this year on all Network Extender devices,” Verizon Wireless spokesperson David Samberg told TechNewsWorld recently. “The fix prevents the Network Extender from being compromised in the same manner.” But according to analysts, not only has previously hacked small cells remained unaffected by the upgrade, the fact that the vulnerability seems to exist in the small cell firmware means its only a matter of time before hackers find another way around Verizon’s upgrades.

In the end, the researchers are using their findings as a warning to all mobile carriers, upgrade your small cells now or reap the whirlwind of the security breaches to follow.

Previous post:

Next post: