Threat Category: Carrier Infrastructure
ID: CEL-28
Threat Description: If the LTE network is not utilizing confidentiality protection on the backhaul interface the communication being sent to and received from cell sites is vulnerable to eavesdropping.1
Threat Origin
Not Applicable, See Exploit or CVE Examples
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
Ensure Confidentiality Protection of S1 Interface
Encrypt Exposed Interfaces Between Core Network Components
EnterpriseTo mitigate the impact of eavesdropping on an unencrypted backhaul or core network communications channel, employ over-the-top encryption services to user-plane data prior to transmission off the mobile device.
Mobile Device UserTo mitigate the impact of eavesdropping on an unencrypted backhaul or core network communications channel, employ over-the-top encryption services to user-plane data prior to transmission off the mobile device.
References
J. Cichonski, J.M. Franklin, and M. Bartock, NIST Special Publication 800-187: Guide to LTE Security, National Institute of Standards and Technology, 2017; https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-187.pdf [Accessed 3/29/2022] ↩