Threat Category: Cellular Air Interface
ID: CEL-6
Threat Description: A compromised base station enables eavesdropping on either voice or data transmissions. Small cell base stations may be less current on patches and configurations than larger base stations.
Threat Origin
Researchers exploit cellular tech flaws to intercept phone calls 1
LTE Architecture Overview and Security Analysis (Draft NISTIR 8071) 2
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
Use applications that strongly encrypt data prior to transmission of data over cellular interfaces.
References
J. Vijayan, “Researchers Exploit Cellular Tech Flaws to Intercept Phone Calls”, ComputerWorld, 1 Aug. 2013; http://www.computerworld.com/article/2484538/cybercrime-hacking/researchers-exploit-cellular-tech-flaws-to-intercept-phone-calls.html [accessed 8/23/2016] ↩
J. Cichonski, J.M. Franklin, and M. Bartock, NIST Special Publication 800-187: Guide to LTE Security, National Institute of Standards and Technology, 2017; https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-187.pdf [Accessed 3/29/2022] ↩