Exploit SS7 to Redirect Phone Calls/SMS

An adversary could exploit signaling system vulnerabilities to redirect calls or text messages (SMS) to a phone number under the attacker's control. The adversary could then act as a man-in-the-middle to intercept or manipulate the communication. [1] [2] [3] [4] [5] Interception of SMS messages could enable adversaries to obtain authentication codes used for multi-factor authentication[6].

ID: T1449

Tactic Type:  Without Adversary Device Access

Tactic: Network Effects

Platform:  Android, iOS

MTC ID:  CEL-37

Version: 1.1

Mitigations

Mitigation Description
Encrypt Network Traffic Use of end-to-end encryption of voice calls and text messages "provides another layer in the defense against potential information compromise by SS7 enabled eavesdropping."[5]
Interconnection Filtering

Detection

Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation as described by the Communications, Security, Reliability, and Interoperability Council (CSRIC). [5] The CSRIC also suggests threat information sharing between telecommunications industry members.

References