You have been warned: Abusing 5G's Warning and Emergency Systems

Evangelos Bitsikas, Christina Pöpper

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The Public Warning System (PWS) is an essential part of cellular networks and a country's civil protection. Warnings can notify users of hazardous events (e. g., floods, earthquakes) and crucial national matters that require immediate attention. PWS attacks disseminating fake warnings or concealing precarious events can have a serious impact, causing fraud, panic, physical harm, or unrest to users within an affected area. In this work, we conduct the first comprehensive investigation of PWS security in 5G networks. We demonstrate five practical attacks that may impact the security of 5G-based Commercial Mobile Alert System (CMAS) as well as Earthquake and Tsunami Warning System (ETWS) alerts. Additional to identifying the vulnerabilities, we investigate two PWS spoofing and three PWS suppression attacks, with or without a man-in-the-middle (MitM) attacker. We discover that MitM-based attacks have more severe impact than their non-MitM counterparts. Our PWS barring attack is an effective technique to eliminate legitimate warning messages. We perform a rigorous analysis of the roaming aspect of the PWS, incl. its potentially secure version, and report the implications of our attacks on other emergency features (e. g., 911 SIP calls). We discuss possible countermeasures and note that eradicating the attacks necessitates a scrupulous reevaluation of the PWS design and a secure implementation.

Original languageEnglish (US)
Title of host publicationProceedings - 38th Annual Computer Security Applications Conference, ACSAC 2022
PublisherAssociation for Computing Machinery
Pages561-575
Number of pages15
ISBN (Electronic)9781450397599
DOIs
StatePublished - Dec 5 2022
Event38th Annual Computer Security Applications Conference, ACSAC 2022 - Austin, United States
Duration: Dec 5 2022Dec 9 2022

Publication series

NameACM International Conference Proceeding Series

Conference

Conference38th Annual Computer Security Applications Conference, ACSAC 2022
Country/TerritoryUnited States
CityAustin
Period12/5/2212/9/22

Keywords

  • 5G
  • MitM attacks
  • Public Warning System
  • spoofing
  • suppression

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition
  • Software

Fingerprint

Dive into the research topics of 'You have been warned: Abusing 5G's Warning and Emergency Systems'. Together they form a unique fingerprint.

Cite this