Threat Category: Consumer-grade Femtocell
ID: CEL-11
Threat Description: When a femtocell is rooted, the operator can gain further access into the data passing through it. This could allow unauthorized modification, insertion, and deletion of user traffic.
Threat Origin
I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
To increase detection of compromised devices, use small cells implemented with secure boot technologies.
Mobile Network OperatorTo increase detection of compromised devices, use small cells implemented with secure boot technologies.
References
D. DePerry and T. Ritter, I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell, presented at DEFCON 21, 2 Aug. 2013; www.defcon.org/images/defcon-21/dc-21-presentations/DePerry-Ritter/DEFCON-21-DePerry-Ritter-Femtocell-Updated.pdf [accessed 8/29/2016] ↩