TETRA radio security vulnerabilities exposed

Share post:

A group of Dutch security analysts have discovered serious vulnerabilities in the TETRA (Terrestrial Trunked Radio) standard, including a deliberate backdoor.

TETRA is a European radio standard used by police forces, prison personnel, military, intelligence agencies, and emergency services around the world. It is also used in critical infrastructure, such as pipelines, railways, and the electric grid. The vulnerabilities could allow attackers to intercept, manipulate, or disturb communications, or even send fraudulent messages.

Though TETRA isn’t widely used in the U.S., but open-source research revealed its application in at least two dozen critical infrastructures, including electric utilities, state border control agencies, oil refineries, chemical plants, mass transit systems, and international airports.

The researchers say that the vulnerabilities have been known to vendors for years, but they have only just been made public. The Dutch National Cyber Security Centre (NCSC) has also notified radio vendors and computer emergency response teams (CERTs) around the world about the problems. It says the vulnerabilities are “serious” and that organizations that use TETRA should take steps to mitigate the risk.

The researchers plan to present their findings, and the secret TETRA encryption algorithms to encourage further investigation into potential weaknesses at the BlackHat security conference in Las Vegas in August.

The sources for this piece include an article in ArsTechnica.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways