LTE networks vulnerable to inexpensive jamming technique

A laptop, an inexpensive transmitter, and a little technical knowledge is all that's necessary to take down the high-speed wireless data networks that are being embraced as the future of wireless communications, researchers warn.

As wireless consumers are increasingly doing more with their smartphones, demand for faster, persistent connections is also growing. Boasting speeds four times as fast as current 3G networks, long-term evolution (LTE) is being deployed across the country by every wireless carrier in the United States. Verizon, which was the first national carrier to launch LTE, expects to have the networks in 400 markets by the end of the year.

However, targeting a small portion of the signal with a laptop and a transmitter costing about $650 could knock offline an LTE base station serving thousands of people, according to researchers who raised concerns last week over the technology's planned use in a national public safety broadband network.

"An example strategy would be to target specific control or synchronization signals, in order to increase the geographic range of the jammer and better avoid detection," the Wireless @ Virginia Tech research group said in a filing (PDF) submitted to the National Telecommunications and Information Administration. "The availability of low-cost and easy to use software-defined radios makes this threat even more realistic."

When employed by terrorists or other criminals, the technique could pose a threat to public safety.

"It is very possible for radio jamming to accompany a terrorist attack, for the purpose of preventing communications and increasing destruction. Likewise it is possible for criminal organizations to create mayhem among public-safety personnel by jamming," said Jeff Reed, director of Virginia Tech's wireless research group.

"Picture a jammer that fits in a small briefcase that takes out miles of LTE signals -- whether commercial or public safety," Reed told the MIT Technology Review, adding that it would be difficult to defend against such an attack.

While any radio frequency can be blocked by sending a signal at the same frequency, LTE's signal is especially vulnerable owing to how the signal synchronizes between handset and base station, researchers found. "Your phone is constantly syncing with the base station," Lichtman told the Review. "If you can disrupt that synchronization, you will not be able to send or receive data."

This was just one of eight signal vulnerabilities the team found that could be used to jam communications between phones and base station, the researchers said. Technical knowledge of the LTE standard would be necessary to jam an LTE base station, however that's a published standard.

"Any communications engineer would be able to figure this stuff out," Lichtman said.