A group of Dutch security analysts have discovered serious vulnerabilities in the TETRA (Terrestrial Trunked Radio) standard, including a deliberate backdoor.
TETRA is a European radio standard used by police forces, prison personnel, military, intelligence agencies, and emergency services around the world. It is also used in critical infrastructure, such as pipelines, railways, and the electric grid. The vulnerabilities could allow attackers to intercept, manipulate, or disturb communications, or even send fraudulent messages.
Though TETRA isn’t widely used in the U.S., but open-source research revealed its application in at least two dozen critical infrastructures, including electric utilities, state border control agencies, oil refineries, chemical plants, mass transit systems, and international airports.
The researchers say that the vulnerabilities have been known to vendors for years, but they have only just been made public. The Dutch National Cyber Security Centre (NCSC) has also notified radio vendors and computer emergency response teams (CERTs) around the world about the problems. It says the vulnerabilities are “serious” and that organizations that use TETRA should take steps to mitigate the risk.
The researchers plan to present their findings, and the secret TETRA encryption algorithms to encourage further investigation into potential weaknesses at the BlackHat security conference in Las Vegas in August.
The sources for this piece include an article in ArsTechnica.