Jared Ondricek
83 lines
4.2 KiB
JSON
83 lines
4.2 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--e4b93ea2-e2cb-47c6-aad5-58d43162b28f",
|
|
"spec_version": "2.0",
|
|
"objects": [
|
|
{
|
|
"type": "attack-pattern",
|
|
"id": "attack-pattern--52651225-0b3a-482d-aa7e-10618fd063b5",
|
|
"created": "2017-10-25T14:48:09.864Z",
|
|
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"revoked": true,
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"url": "https://attack.mitre.org/techniques/T1450",
|
|
"external_id": "T1450"
|
|
},
|
|
{
|
|
"source_name": "3GPP-Security",
|
|
"description": "3GPP. (2000, January). A Guide to 3rd Generation Security. Retrieved December 19, 2016.",
|
|
"url": "http://www.3gpp.org/ftp/tsg_sa/wg3_security/_specs/33900-120.pdf"
|
|
},
|
|
{
|
|
"source_name": "CSRIC5-WG10-FinalReport",
|
|
"description": "Communications Security, Reliability, Interoperability Council (CSRIC). (2017, March). Working Group 10 Legacy Systems Risk Reductions Final Report. Retrieved May 24, 2017.",
|
|
"url": "https://www.fcc.gov/files/csric5-wg10-finalreport031517pdf"
|
|
},
|
|
{
|
|
"source_name": "CSRIC-WG1-FinalReport",
|
|
"description": "CSRIC-WG1-FinalReport"
|
|
},
|
|
{
|
|
"source_name": "Positive-SS7",
|
|
"description": "Positive Technologies. (n.d.). SS7 Attack Discovery. Retrieved December 19, 2016.",
|
|
"url": "https://www.ptsecurity.com/upload/ptcom/PT-SS7-AD-Data-Sheet-eng.pdf"
|
|
},
|
|
{
|
|
"source_name": "Engel-SS7-2008",
|
|
"description": "Tobias Engel. (2008, December). Locating Mobile Phones using SS7. Retrieved December 19, 2016.",
|
|
"url": "https://www.youtube.com/watch?v=q0n5ySqbfdI"
|
|
},
|
|
{
|
|
"source_name": "Engel-SS7",
|
|
"description": "Tobias Engel. (2014, December). SS7: Locate. Track. Manipulate.. Retrieved December 19, 2016.",
|
|
"url": "https://berlin.ccc.de/~tobias/31c3-ss7-locate-track-manipulate.pdf"
|
|
},
|
|
{
|
|
"source_name": "NIST Mobile Threat Catalogue",
|
|
"url": "https://pages.nist.gov/mobile-threat-catalogue/cellular-threats/CEL-38.html",
|
|
"external_id": "CEL-38"
|
|
}
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
|
|
],
|
|
"modified": "2025-04-18T18:00:38.781Z",
|
|
"name": "Exploit SS7 to Track Device Location",
|
|
"description": "An adversary could exploit signaling system vulnerabilities to track the location of mobile devices. (Citation: Engel-SS7) (Citation: Engel-SS7-2008) (Citation: 3GPP-Security) (Citation: Positive-SS7) (Citation: CSRIC5-WG10-FinalReport)",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "mitre-mobile-attack",
|
|
"phase_name": "network-effects"
|
|
}
|
|
],
|
|
"x_mitre_attack_spec_version": "3.2.0",
|
|
"x_mitre_deprecated": false,
|
|
"x_mitre_detection": "Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation.(Citation: CSRIC-WG1-FinalReport) The CSRIC also suggests threat information sharing between telecommunications industry members.",
|
|
"x_mitre_domains": [
|
|
"mobile-attack"
|
|
],
|
|
"x_mitre_is_subtechnique": false,
|
|
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"x_mitre_platforms": [
|
|
"Android",
|
|
"iOS"
|
|
],
|
|
"x_mitre_version": "1.1",
|
|
"x_mitre_tactic_type": [
|
|
"Without Adversary Device Access"
|
|
]
|
|
}
|
|
]
|
|
} |