Downgrade to Insecure Protocols

An adversary could cause the mobile device to use less secure protocols, for example by jamming frequencies used by newer protocols such as LTE and only allowing older protocols such as GSM to communicate[1]. Use of less secure protocols may make communication easier to eavesdrop upon or manipulate.

ID: T1466

Tactic Type:  Without Adversary Device Access

Tactic: Network Effects

Platform:  Android, iOS

MTC ID:  CEL-3

Version: 1.1

Mitigations

MitigationDescription
Encrypt Network TrafficApplication-layer encryption (e.g. use of the Transport Layer Security protocol) or a Virtual Private Network (VPN) tunnel (e.g. using the IPsec protocol) may help mitigate weaknesses in the cellular network encryption.

References