Exploit SS7 to Track Device Location

An adversary could exploit signaling system vulnerabilities to track the location of mobile devices. [1] [2] [3] [4] [5]

ID: T1450

Tactic Type:  Without Adversary Device Access

Tactic: Network Effects

Platform:  Android, iOS

MTC ID:  CEL-38

Version: 1.1

Mitigations

MitigationDescription
Interconnection Filtering

Detection

Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation.[6] The CSRIC also suggests threat information sharing between telecommunications industry members.

References