Exploit SS7 to Track Device Location

An adversary could exploit signaling system vulnerabilities to track the location of mobile devices. [1] [2] [3] [4] [5]

ID: T1450
Sub-techniques:  No sub-techniques
Tactic Type: Without Adversary Device Access
Tactic: Network Effects
Platforms: Android, iOS
MTC ID: CEL-38
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019

Mitigations

Mitigation Description
Interconnection Filtering

Detection

Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation.[6] The CSRIC also suggests threat information sharing between telecommunications industry members.

References