An adversary could exploit signaling system vulnerabilities to redirect calls or text messages (SMS) to a phone number under the attacker's control. The adversary could then act as an adversary-in-the-middle to intercept or manipulate the communication. Interception of SMS messages could enable adversaries to obtain authentication codes used for multi-factor authentication.
|M1009|Encrypt Network Traffic|Use of end-to-end encryption of voice calls and text messages "provides another layer in the defense against potential information compromise by SS7 enabled eavesdropping."|
Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation as described by the Communications, Security, Reliability, and Interoperability Council (CSRIC). The CSRIC also suggests threat information sharing between telecommunications industry members.