It's hard to believe that at the beginning of 2022, there are some places in the world that still have active 2G wireless networks, especially as the 3G network shutdown is already underway in the United States. But, while there are parts of the world that still use it, the parts of the world that do not still have 2G service simply have a potential route for an attack. Google has addressed this issue in its latest version of Android, but will Apple follow suit?
The 2G problem
While 2G has long been dead technology in this part of the world, phones still don't quite know it. Many devices still search for the older technology when they are in signal black holes, and it can cause a lot of problems. This is because the technology is antique, with 3G infrastructure rolled out in the US starting in 2002 - 2 decades ago.
Similar to any wireless technology, the state of security on 2G networks is not very strong, especially compared to where we are today with 5G. This means that it is fairly easy to create a fake 2G connection that reports as legitimate. With that connection, an attacker could steal credentials, track bank information, and a lot more. This attack is almost identical to older WEP-secured Wi-Fi hotspots. When combining the 2G hijack with a wireless scrambler in the 3G, 4G, and now 5G ranges, you can force a phone to connect to your false 2G tower.
The Electronic Frontier Foundation (EFF) explains the problem saying,
There are two main problems with 2G. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and a phone using the 2G protocol will never be the wiser.
In the current version of Android, Android 12, Google has added a fantastic new feature for those of us in areas where 2G is dead - a kill switch. In this version of the operating system, you can go into the system settings and completely prevent your device from searching for and connecting to 2G networks.
If you are in a country where 2G has been retired, you should make sure this setting is turned on now. Not only will it prevent your phone from accidentally connecting to a bogus network, it will also save your battery. Constant searching for older network technology will kill your batter life faster than nearly any other activity. It's one of the reasons you might find your phone overheating in your pocket.
The question, of course, is whether or not Apple will follow suit and add a kill switch to iOS. With such a glaringly obvious issue that is fairly easy to take advantage of, it would seem to be a no brainer for Apple to get on board. It's made even more obvious when you think about Apple's campaign to convince you it cares about privacy.
The problem is that Apple has said nothing about implementing this important feature. Fortunately, the EFF is on the case, creating an easy way for users to tweet at Apple encouraging them to bring the feature to iOS. You can join the campaign by simply clicking the link above and hitting tweet.