CAPEC-609: Cellular Traffic Intercept (Version 2.10)

Attack Pattern ID: 609
Abstraction: Detailed
Status: Draft
Completeness: Stub
+ Summary

Cellular traffic for voice and data from mobile devices and retransmission devices can be intercepted via numerous methods. Malicious actors can deploy their own cellular tower equipment and intercept cellular traffic surreptitiously. Additionally, government agencies of adversaries and malicious actors can intercept cellular traffic via the telecommunications backbone over which mobile traffic is transmitted.

+ Attack Prerequisites
  • None

+ Typical Severity

Low

+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: Medium

Adversaries can purchase hardware and software solutions, or create their own, to capture or intercept cellular radio traffic. The cost of a basic Base Transceiver Station (BTS) that broadcasts to the cellular radios in local mobile devices has dropped to a very affordable level. The ability of commercial cellular providers to monitor for "rogue" BTSs is poor in many areas, and it is assumed that "rogue" BTSs exist in urban areas.

+ Solutions and Mitigations

Encrypt all data packets emanating from the smartphone to a retransmission device via two encrypted tunnels with Suite B cryptography, all the way to the VPN gateway at the datacenter.

+ Attack Motivation-Consequences
| Scope | Technical Impact | Note |
| --- | --- | --- |
|  | Read application data | Capture all cellular and RF traffic from mobile and retransmission devices. Move bulk traffic capture to a storage area for cryptanalysis of encrypted traffic and telemetry analysis of non-encrypted data (packet headers, cellular power data, signal strength, etc.). |

+ Technical Context
Architectural Paradigms: Mobile

+ Content History
Submissions

| Submitter | Organization | Date | Source |
| --- | --- | --- | --- |
| CAPEC Content Team | The MITRE Corporation | 2015-11-09 | Internal_CAPEC_Team |

Modifications

| Modifier | Organization | Date | Comments | Source |
| --- | --- | --- | --- | --- |
| CAPEC Content Team | The MITRE Corporation | 2015-12-07 | Updated Related_Attack_Patterns | Internal |

Page Last Updated or Reviewed: May 01, 2017