In July of last year, three cyber experts from the Dutch consulting company "Midnight Blue" discovered five vulnerabilities in the TETRA digital radio communication system. Two of the vulnerabilities are marked as "critical". "Armed" with an average computer, they approached a port where the TETRA radio system is used for communication and confirmed their hypothesis by breaking the encryption of the radio signals used. This project is known as TETRA:BURST.
Although the discoveries of the Dutch white hat hackers caused a wave of reactions at the European level, the event was not even mentioned in the Western Balkans region. However, it is precisely in this region that critical national infrastructure services use the TETRA algorithms that have proven to be the most vulnerable. Police, military, rescue services, ports and airports today use digital radio systems that any competent hacker could attack.
Research by "Vreme" brings information about what TETRA actually is, what vulnerabilities are involved and how they can be abused, which institutions are "under attack", as well as whether anything has been done based on these discoveries.
WHAT IS TETRA?
TETRA is a digital radio communication system that is primarily used for communication by emergency services, public safety, transportation, as well as by government and military organizations. It was developed under the auspices of the European Telecommunications Standards Institute (ETSI) in 1995 and is used in more than a hundred countries around the world.
The introduction of the TETRA system was preceded by analog, specialized mobile phones, as well as trunking radio systems. It is not unknown that earlier analog radio systems used in the security sector could be intercepted by third parties. Radio amateurs with whom "Vreme" spoke today generally have no knowledge of the TETRA network. Also, completely independent handheld radio stations that are not part of the network cannot interfere with its frequencies. However, TETRA was welcomed as a kind of revolution in the field of radio communication systems. It offered data encryption, integration of voice and text messages, dynamic channel allocation (a number of users can share the same frequency range, without mutual interference), as well as the creation of temporary communication groups in real time (suitable for emergencies).
The chain of communication through the TETRA radio system works as follows. The user on the handheld radio presses a button to initiate a call. The signal is sent to the nearest base station, which functions as a local node that receives, processes and routes radio signals. The signal is forwarded to the Network Control Center (MSC) which analyzes the request and determines the best way to establish communication with the requested unit. MSC processes are mostly automated, but in some cases human intervention is necessary. If the other unit is available and within the network coverage, the MSC establishes a communication channel between the two radio stations. When the communication is complete, the MSC releases the connection and makes it available for other pairings.
Communication between two handheld stations can go through the base station, as well as directly, if one of them is not in the coverage area of the base station.
When it is necessary to create a new communication channel, a user or a group of users initiates a request, which the MSC processes by assigning frequency, bandwidth and time slots. When the connection is established, users are notified and can start group and individual calls. On the other hand, when a user wants to join an already existing channel, he first sends a request (most often via his handheld radio) to the network control center. The MSC performs user authentication (handheld radio station identification and user credentials check) and a channel access rights check, and if all checks are successful, allows him to access the channel.
The system relies on cryptographic algorithms, which are kept secret by ETSI and which, until the recent discovery, were thought to make TETRA impenetrable. There are two types of algorithms - authentication (TAA1) and encryption (TEA). The encryption ones are important for this story. The TEA algorithm consists of four types of ciphers (TEA1, TEA2, TEA3 and TEA4), each of which has an 80-bit key.
VULNERABILITIES
One of the trio from the company "Midnight Blue", Jos Wetzels, tells "Vreme" that in the case of the countries that are the subject of this research (Serbia and Montenegro), two critical vulnerabilities should be distinguished. The first critical vulnerability he points to is related to the TEA1 cipher. Namely, they managed to find a backdoor that allows an 80-bit key to be reduced to a 30-bit key. The length of the key is a key factor in ensuring the security of the cipher, because the longer the key, the more difficult it is to decrypt the encrypted content without knowing the key. In the context of encryption, an 80-bit key provides a solid level of security, while a 30-bit key is considered very weak by today's security standards, as it offers a relatively small number of possible key combinations. In other words, it can be broken very quickly using a brute-force attack, in which the attacker, by computer, systematically tries all possible combinations until he finds the one that decrypts the data.
Key security services (army, police) of most European countries use the TEA2 cipher, while the TEA3 cipher is used in other emergency services. However, Serbia and Montenegro use the TEA1 cipher for the needs of all services, although all three countries acquired the theoretical conditions to switch to the TEA2 system years ago.
Wetzels explains that the biggest danger of the TEA1 vulnerability lies in the use of this algorithm for data transmission, that is, not only for audio radio calls, but also when TETRA is used for SCADA systems. These are systems for centralized, remote management of industrial processes, electrical networks, waterworks and oil pipelines.
The TEA1 encryption algorithm is also subject to hijacking attacks, in which an attacker takes control of a communication session between two parties, which can allow redirection, modification or interference with the original messages.
Another critical vulnerability relates to the type of encryption used by TETRA, "Air Interface Encryption (AIE)". This mechanism uses the time provided by the network as one of the input parameters when generating the keystream for encryption. However, network time is broadcast publicly and without authentication, meaning that anyone can access this information without identity verification or access rights. In other words, this is a potential security risk. "Midnight Blue" pointed out that if an attacker predicts or knows some of the parameters used to generate the keys (such as network time), he could potentially perform attacks that allow him to decrypt or break encrypted communications.
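An added example, not part of the original article and not TETRA's actual AIE algorithm (which, as noted above, is secret): a toy keystream generator that takes network time as an input, showing why a terminal that adopts an unauthenticated time broadcast ends up repeating its keystream, beside a hypothetical hardened terminal that requires an authenticated, forward-moving time value. All function names, keys and sample frames are constructed for illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, network_time: int, n: int) -> bytes:
    # Toy generator (NOT TETRA's algorithm): output depends only on key and time.
    out, ctr = b"", 0
    while len(out) < n:
        block = key + network_time.to_bytes(8, "big") + ctr.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def sign_time(auth_key: bytes, t: int) -> bytes:
    # Hypothetical mitigation: the network authenticates each time broadcast.
    return hmac.new(auth_key, t.to_bytes(8, "big"), hashlib.sha256).digest()

class NaiveTerminal:
    """Weak design: adopts any broadcast time value, authenticated or not."""
    def __init__(self):
        self.time = 0
    def on_time_broadcast(self, t, tag=None):
        self.time = t
        return True

class HardenedTerminal:
    """Adopts a time value only if its tag verifies and it moves forward."""
    def __init__(self, auth_key: bytes):
        self.auth_key, self.time = auth_key, 0
    def on_time_broadcast(self, t, tag=None):
        if tag is None or not hmac.compare_digest(tag, sign_time(self.auth_key, t)):
            return False          # unauthenticated or forged broadcast
        if t <= self.time:
            return False          # replay of an old, validly signed broadcast
        self.time = t
        return True

def check_time_replay(terminal, traffic_key: bytes, tag_for):
    """Send time 1000, then 1001, then replay 1000; return (replay accepted, keystream reused)."""
    p1, p2 = b"UNIT 12 EN ROUTE", b"VALVE 7 SET OPEN"   # constructed sample frames
    terminal.on_time_broadcast(1000, tag_for(1000))
    c1 = xor(p1, keystream(traffic_key, terminal.time, len(p1)))
    terminal.on_time_broadcast(1001, tag_for(1001))
    accepted = terminal.on_time_broadcast(1000, tag_for(1000))
    c2 = xor(p2, keystream(traffic_key, terminal.time, len(p2)))
    # Identical keystream means the ciphertext XOR equals the plaintext XOR.
    return accepted, xor(c1, c2) == xor(p1, p2)
```

The hardened terminal needs both checks: the replayed broadcast carries a valid tag, so only the forward-moving rule rejects it.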
The most secure type of encryption is end-to-end encryption, according to which the message is encrypted at the sender and decrypted at the receiver, so there is no possibility of it being intercepted in between. However, TETRA does not offer this option in its standard algorithms, but uses the AIE mechanism. There is a possibility of upgrading to end-to-end encryption, but it is rarely used in the region because it requires additional investments.
SERBIA
TETRA was introduced in Serbia in 2003 during the mandate of Dušan Mihajlović, then Minister of Internal Affairs, who concluded an agreement with Motorola, the manufacturer of TETRA equipment. During the mandate of Ivica Dačić, controversies surrounding the financing of TETRA equipment and maintenance followed the MUP and the distributor at the time - the domestic company Vlatacom.
The TETRA network infrastructure can operate on only one encryption algorithm at a time. Since TEA1 (the algorithm for which cyber experts found the most critical vulnerabilities) was originally used in Serbia, it has remained the same until today.
During Dačić's mandate, TETRA was largely financed by the European Commission. In the European documentation, information can be found that Motorola equipment was used, more precisely the Dimetra series of TETRA equipment with the TEA1 cryptographic algorithm. This Motorola series of TETRA equipment is certified by the European Critical Communication Association (TCCA). In the same documentation, it is stated that the base stations are planned for border crossings, and that the cables that connect different parts of the TETRA infrastructure are copper wire cables. A "Vreme" source close to this topic, who wished to remain anonymous, said that these connections were destroyed during the floods in 2014, and that communication with the TETRA terminals, which were then used by the rescue services, was disabled.
The main operator of the TETRA network in Serbia is the Ministry of Interior and the Directorate for Communication and Cryptoprotection within this ministry, and the headquarters is located in one of the buildings of the Ministry of Interior in Kneza Miloša Street. The frequency range used in Serbia for the TETRA network is 380-400 hertz. However, signal coverage is not measured by the Regulatory Authority for Electronic Communications and Postal Services (RATEL), but by the Ministry of Interior. In the report of the World Bank, it is mentioned that "TETRA signal coverage at the borders is 100%, but not in the interior".
Various subsystems are connected to the TETRA network of the Ministry of Interior of Serbia. Among the beneficiaries are the City Headquarters for Emergency Situations of the City of Belgrade, which acquired TETRA stations in 2016, then a helicopter unit, Kruševac, Elektromreža, EPS, Putevi, City Cleanliness of Belgrade and other institutions.
In addition to the mentioned, TETRA radio communication systems are also used by other institutions, including the Security Information Agency (BIA).
TETRA radio systems were discussed in public only sporadically, and the statements mostly went in the direction of praise that a new, completely safe system had been acquired. During his previous mandate at the head of the Ministry of Internal Affairs (during the previous government), Ivica Dačić characterized it as a "closed system that allows for no eavesdropping". However, in the security services, the TETRA radio system is shrouded in a certain veil of silence, so the journalists of "Vreme" had received no answers from the MUP by the time this text was completed.
It is interesting that in the court proceedings against Dijana Hrkalović before the Special Court, one of the witnesses said that in 2017, the Internal Control of the MUP noticed irregularities in the use of the TETRA network, and issued an advisory measure for all organizational units to switch on the function of the system for monitoring the movements of TETRA terminal users. The idea behind this feature was to locate handheld radios. Information leaked to the media that the Bosnian criminal Darko Elez had one of the handheld radio stations of the TETRA network with him.
It is not known whether the internal control of the MUP sanctioned anyone in this regard.
At some point, instead of Vlatacom, the distributor of the TETRA system became the Serbian representative office of the company TeleGroup, which, as it states in its brochure, provides maintenance services for the TETRA system to Telekom, fire and utility services.
THE MONTENEGRO CASE
Research by "Vreme" identified that TETRA radio systems with the TEA1 encryption algorithm are used in Montenegro by the Ministry of Internal Affairs, the Ministry of Defense, the Protection and Rescue Services, the Municipal Police, the Electricity Distribution Company, as well as the state construction company Monteput.
As a revolutionary solution, TETRA was first presented in 2013, and it began to be implemented the following year, through several phases - first in Podgorica and on the coast, and then in the rest of the country. The procurement of equipment and implementation of the system in Montenegrin services that use TETRA is done by the company Wireless Montenegro, which was created as a result of a public-private partnership.
In contrast to Serbia, the search for publicly available data did not yield any results on scandals related to the TETRA system. Only one police officer was found to have lost his hand-held radio, but he was soon sanctioned.
The Ministry of Internal Affairs of Montenegro did not answer the journalists of "Vreme" when asked whether they are aware of the vulnerabilities of the TEA1 algorithm and whether they are planning to switch to TEA2. The reason, as they stated, is that TETRA services are provided to the security services, and that the project is classified as "internal".
The company Wireless Montenegro, which procures and installs the equipment, did not answer the phone.
WHAT NEXT?
Unlike Montenegro, Serbia is a member of the Critical Communication Association (TCCA).
The services of Serbia and Montenegro that use TETRA radio systems are faced with several possibilities, if there is a will to raise the security of these communication systems to a higher level and avoid potential cyber attacks.
In a conversation with "Vreme" journalists, Jos Wetzels says that their research so far points to the fact that all three countries theoretically meet the conditions for switching to the TEA2 encryption algorithm. However, as he explains, all changes to TETRA systems require significant investment, not only from the government agencies that use TETRA, but also from the suppliers responsible for the procurement and installation of this equipment. Therefore, a potential transition to a new encryption would require the construction of a completely new infrastructure.
Also, Wetzels adds that in order to switch to the new algorithm, it would be necessary to completely "shut down" the entire TETRA network, which "simply does not happen" in practice. He therefore concludes that the theoretical possibility of transition is not the same as transition when the hardware infrastructure for TEA2 is already in place.
"Vreme" journalists contacted the European Telecommunications Standards Institute (ETSI). When asked what options are left for these countries to improve the security of the TETRA system, ETSI says that the countries should first determine the requirements for the security of the system and make a threat assessment of the current systems in order to map potential risks. They add that the countries then have several options in front of them: to consult with suppliers regarding improving security, to start using end-to-end encryption, or to switch to one of the more advanced encryption algorithms, such as TEA2.
In response to "Vreme" questions addressed to the TCCA organization, the answer was that Serbia and Montenegro, as candidates for EU membership, have the right to switch to TEA2, but that this decision should be made exclusively by the ordering parties and suppliers.
NORTH MACEDONIA
Unlike Serbia and Montenegro, the Ministry of Internal Affairs of North Macedonia does not use the TEA1 algorithm, but a stronger encryption, TEA2, they stated in a written reply to the journalists of "Vreme". Former Interior Minister Oliver Spasovski once said that the Macedonian police use the same algorithm as the police of EU countries.
In addition to the police, the Macedonian army, fire services, crisis centers and emergency services also use the TETRA network. At the beginning of 2022, with the help of European Union funds, North Macedonia completed the TETRA system improvement project and switched some users to the TEA4 encryption algorithm. The Dutch hackers' vulnerability testing did not include the TEA4 algorithm.
According to official sources, the territory of North Macedonia is currently 90 percent covered by the TETRA network. Unlike Serbia and Montenegro, North Macedonia procured TETRA equipment directly from the manufacturer, the company Hytera, which, according to "Vreme" sources, is more efficient for setting up the infrastructure.
However, in 2017, during the incident in the Macedonian Parliament (Sobranje), when protesters attacked the then prime minister-designate, the TETRA function for recording conversations that are broadcast over the network failed. Later, an investigation was launched into how the function stopped working, but the epilogue is unknown.