Threat Category: Cellular Air Interface
ID: CEL-4
Threat Description: A rogue base station could prevent devices from accessing emergency services. This can happen when a rogue station does not forward user traffic to the mobile network operator.
Threat Origin
3G Security: Security Threats and Requirements (Release 4) 1
LTE Architecture Overview and Security Analysis (Draft NISTIR 8071) 2
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
Implement rogue base station detection.
Use bandband firmware that does not connect to a base station unless it has been verified as a legitimate device operated as part of a trusted mobile network.
Use baseband firmware that does not support deprecated communciation protocols that are more vulnerable to attack (e.g., 2G or 3G connections).
References
3G Security; Security Threats and Requirements (Release 4), 3GPP TS 21.133 V4.0.0, 3rd Generation Partnership Project, 2003; www.3gpp.org/ftp/tsg_sa/wg3_security/_specs/Old_Vsns/21133-400.pdf [Accessed 8/23/2016] ↩
J. Cichonski, J.M. Franklin, and M. Bartock, NIST Special Publication 800-187: Guide to LTE Security, National Institute of Standards and Technology, 2017; https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-187.pdf [Accessed 3/29/2022] ↩