Exploit SS7 to Track Device Location

An adversary could exploit signaling system vulnerabilities to track the location of mobile devices. [1] [2] [3] [4] [5]

ID: T1450
Sub-techniques:  No sub-techniques
Tactic Type: Without Adversary Device Access
Tactic: Network Effects
Platforms: Android, iOS
MTC ID: CEL-38
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019
Provided by LAYER 8

Procedure Examples

ID Name Description
S0602 Circles

Circles can track the location of mobile devices.[6]

Mitigations

ID Mitigation Description
M1014 Interconnection Filtering

Detection

Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation.[7] The CSRIC also suggests threat information sharing between telecommunications industry members.

References