The sub-techniques beta is now live! Read the release blog post for more info.

Exploit SS7 to Track Device Location

An adversary could exploit signaling system vulnerabilities to track the location of mobile devices. [1] [2] [3] [4] [5]

ID: T1450
Tactic Type: Without Adversary Device Access
Tactic: Network Effects
Platform: Android, iOS
MTC ID: CEL-38
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019

Mitigations

Mitigation Description
Interconnection Filtering

Detection

Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation.[6] The CSRIC also suggests threat information sharing between telecommunications industry members.

References