CAPEC-617: Cellular Rogue Base Station
In this attack scenario, the attacker imitates a cellular base station with their own "rogue" base station equipment. Since cellular devices connect to whatever station has the strongest signal, the attacker can easily convince a targeted cellular device (e.g. the retransmission device) to talk to the rogue base station.
Overview
CAPEC-617 (Cellular Rogue Base Station) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- None
Skills required
- Low skill: This technique has been demonstrated by amateur hackers, and commercial tools and open source projects are available to automate the attack.
Consequences
What a successful CAPEC-617 attack can achieve.
Read Data
Affects: Confidentiality
Intercept and control cellular data communications to/from the mobile device.
How to mitigate it
Defenses that reduce the risk of CAPEC-617.
- Passively monitor the cellular network connection for real-time threat detection, with logging for manual review.