Mobile Threat Catalogue

Call / Data Eavesdropping via Compromised Small Cell

Contribute

Threat Category: Cellular Air Interface

ID: CEL-6

Threat Description: A compromised base station enables eavesdropping on either voice or data transmissions. Small cell base stations may be less current on patches and configurations than larger base stations.

Threat Origin

Researchers exploit cellular tech flaws to intercept phone calls 1

LTE Architecture Overview and Security Analysis (Draft NISTIR 8071) 2

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures

Enterprise

Use applications that strongly encrypt data prior to transmission of data over cellular interfaces.

References

  1. J. Vijayan, “Researchers Exploit Cellular Tech Flaws to Intercept Phone Calls”, ComputerWorld, 1 Aug. 2013; http://www.computerworld.com/article/2484538/cybercrime-hacking/researchers-exploit-cellular-tech-flaws-to-intercept-phone-calls.html [accessed 8/23/2016] 

  2. J. Cichonski, J.M. Franklin, and M. Bartock, NIST Special Publication 800-187: Guide to LTE Security, National Institute of Standards and Technology, 2017; https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-187.pdf [Accessed 3/29/2022]