Researchers have discovered vulnerabilities in TETRA, which provides radio communications around the globe for police, ambulance traffic, the military, power grids and trains, among others.
The vulnerabilities can be used by malicious parties to cause extensive damage. TETRA is an abbreviation for Terrestrial Trunked Radio. In addition to government agencies, the transportation and energy sector also use it. TETRA differs from other digital systems in that it can transfer calls within half a second, far quicker than technologies such as GSM. In addition, it has a reputation for being secure and reliable, although the presence of vulnerabilities calls this status into question.
Wired reports that five vulnerabilities have been found by the Dutch research team. Firstly, they discovered a backdoor that customers of the technology were unaware of. It has existed for more than 25 years without being widely known. In addition, another vulnerability makes it possible to read encrypted messages in the C2000 communication system of Dutch emergency services and Defense, among others.
Speaking to the Dutch RTL Nieuws, professor of computer security Bart Jacobs at Radboud University Nijmegen states that the research findings are “serious.” “It is serious for the government, but also for business. It concerns vital infrastructure whose functioning can be affected by serious attacks.”
The danger of compromising TETRA is that, for example, hackers could make fraudulent reports or could disable a power network remotely. Disastrous consequences can also be imagined by manipulating train traffic or gas lines.
TETRA is a global standard that at least 120 countries use. It is particularly suitable for long distances and hilly areas, but its various forms are in use for all sorts of use cases.