Mobile Threat Catalogue

Backhaul and Core Eavesdropping

Contribute

Threat Category: Carrier Infrastructure

ID: CEL-28

Threat Description: If the LTE network is not utilizing confidentiality protection on the backhaul interface the communication being sent to and received from cell sites is vulnerable to eavesdropping.1

Threat Origin

Not Applicable, See Exploit or CVE Examples

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures

Mobile Network Operator

Ensure Confidentiality Protection of S1 Interface

Encrypt Exposed Interfaces Between Core Network Components

Enterprise

To mitigate the impact of eavesdropping on an unencrypted backhaul or core network communications channel, employ over-the-top encryption services to user-plane data prior to transmission off the mobile device.

Mobile Device User

To mitigate the impact of eavesdropping on an unencrypted backhaul or core network communications channel, employ over-the-top encryption services to user-plane data prior to transmission off the mobile device.

References

  1. J. Cichonski, J.M. Franklin, and M. Bartock, NIST Special Publication 800-187: Guide to LTE Security, National Institute of Standards and Technology, 2017; https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-187.pdf [Accessed 3/29/2022]