TETRA radio security vulnerabilities exposed

Share post:

A group of Dutch security analysts have discovered serious vulnerabilities in the TETRA (Terrestrial Trunked Radio) standard, including a deliberate backdoor.

TETRA is a European radio standard used by police forces, prison personnel, military, intelligence agencies, and emergency services around the world. It is also used in critical infrastructure, such as pipelines, railways, and the electric grid. The vulnerabilities could allow attackers to intercept, manipulate, or disturb communications, or even send fraudulent messages.

Though TETRA isn’t widely used in the U.S., but open-source research revealed its application in at least two dozen critical infrastructures, including electric utilities, state border control agencies, oil refineries, chemical plants, mass transit systems, and international airports.

The researchers say that the vulnerabilities have been known to vendors for years, but they have only just been made public. The Dutch National Cyber Security Centre (NCSC) has also notified radio vendors and computer emergency response teams (CERTs) around the world about the problems. It says the vulnerabilities are “serious” and that organizations that use TETRA should take steps to mitigate the risk.

The researchers plan to present their findings, and the secret TETRA encryption algorithms to encourage further investigation into potential weaknesses at the BlackHat security conference in Las Vegas in August.

The sources for this piece include an article in ArsTechnica.

SUBSCRIBE NOW

Related articles

DOGE’s Teen Hacker Stirs Concern Over Musk Team’s Access to Federal Databases

A 19-year-old named Edward “Big Balls” Coristine has raised red flags after Wired revealed he holds a key...

Deep Seek and Open Source AI – Without the Hype: Discussion with Robert Falzon, Head of Engineering, Check Point

DeepSeek AI is shaking up the cybersecurity world—are we prepared for the risks? Join host Jim Love and...

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways