Despite being in use for decades, one company claims TETRA has flaws that could let hackers decrypt and manipulate emergency communications.
A form of radio communication used by emergency services worldwide has critical vulnerabilities that can be exploited by hackers, according to a Dutch security company.
Discover the Game-Changing Surprise: Unveiling Realme's Exhilarating GT5 ProThe research team at Midnight Blue claims to have found five vulnerabilities that affect Terrestrial Trunked Radio (TETRA), a standard used by emergency services and government entities around the world.
TETRA is an encrypted radio network that protects emergency services and critical infrastructure comms from being hacked. This technology has been in use around the world for decades, but Midnight Blue claims its algorithms were kept secret and only given to a limited number of parties.
Breaking: VMO2 Shocks UK Industry with Drastic Workforce Reduction“Despite being widely used and relying on secret cryptography, TETRA had never been subjected to in-depth public security research in its 20+ year history as a result of this secrecy,” the company said in its report.
Midnight Blue claims two of the vulnerabilities it found are “critical”, giving hackers the potential to decrypt sensitive communications. The flaws also let hackers conduct “harvest-now-decrypt-later attacks” or manipulate the communications of military or law enforcement groups, the company claims.
The EU's Groundbreaking Move to Revive the Semiconductor Industry Leaves Everyone AwestruckIn terms of critical infrastructure, Midnight Blue said attackers could use these vulnerabilities to intercept radio communications of private security services at harbors, airports, and railways, or inject their own data traffic to control industrial equipment.
“Decrypting this traffic and injecting malicious traffic allows an attacker to potentially perform dangerous actions such as opening circuit breakers in electrical substations or manipulate railway signalling messages,” the company said.
Introducing: The Game-Changing DJI Air 3 DroneThe Dutch company claims these vulnerabilities – collectively called TETRA:BURST – affect all of its networks. It also said patches are available for some of the flaws it detected.
Midnight Blue plans to publicly reveal the technical details of these vulnerabilities on 9 August. In the meantime, the company claims to have informed law enforcement groups and the European Telecommunications Standards Institute, which oversees the TETRA specification.
Lynk unveils groundbreaking technology: Making satellite-to-phone calls, all with an unexpected twistIreland brought in TETRA technology for its emergency services in 2008, which is currently operated by a company called Tetra Ireland. Roughly 97% of Tetra’s customer base consists of public bodies.
Some of its clients include An Garda Siochána, the National Ambulance Service, Dublin Fire Brigade, the Irish Coast Guard, the National Parks and Wildlife Service, the Irish Prison Service, EirGrid, the Irish Naval Service, Inland Fisheries Ireland, the Office of Public Works, Irish Water and ESB Networks. In March 2022, Motorola Solutions fully acquired Tetra Ireland for an undisclosed figure.
If you would like to know other articles similar to Researchers Unveil Alarming Flaws in TETRA Communications - Discover What's at Stake updated this year 2024 you can visit the category Breaking Tech News.
Leave a Reply