CAPEC-609: Cellular Traffic Intercept

Detailed Draft 严重程度: Low

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

Cellular traffic for voice and data from mobile devices and retransmission devices can be intercepted via numerous methods. Malicious actors can deploy their own cellular tower equipment and intercept cellular traffic surreptitiously. Additionally, government agencies of adversaries and malicious actors can intercept cellular traffic via the telecommunications backbone over which mobile traffic is transmitted.

前提条件

  • None

所需技能

Medium Adversaries can purchase hardware and software solutions, or create their own solutions, to capture/intercept cellular radio traffic. The cost of a basic Base Transceiver Station (BTS) to broadcast to local mobile cellular radios in mobile devices has dropped to very affordable costs. The ability of commercial cellular providers to monitor for "rogue" BTS stations is poor in many areas and it is assumed that "rogue" BTS stations exist in urban areas.

后果影响

影响范围: Confidentiality

技术影响: Read Data

说明: Capture all cellular and RF traffic from mobile and retransmission devices. Move bulk traffic capture to storage area for cryptanalysis of encrypted traffic, and telemetry analysis of non-encrypted data. (packet headers, cellular power data, signal strength, etc.)

缓解措施

Encryption of all data packets emanating from the smartphone to a retransmission device via two encrypted tunnels with Suite B cryptography, all the way to the VPN gateway at the datacenter.

分类映射

分类名称 条目ID 条目名称
ATTACK 1111 Multi-Factor Authentication Interception
关键信息

CAPEC ID: CAPEC-609

抽象级别: Detailed

状态: Draft

典型严重程度: Low

相关攻击模式
ChildOf CAPEC-157

Sniffing Attacks

Standard
相关CWE弱点
CWE-311
返回列表