Downgrade to Insecure Protocols

An adversary could cause the mobile device to use less secure protocols, for example by jamming frequencies used by newer protocols such as LTE and only allowing older protocols such as GSM to communicate[1]. Use of less secure protocols may make communication easier to eavesdrop upon or manipulate.

ID: T1466
Sub-techniques:  No sub-techniques
Tactic Type: Without Adversary Device Access
Tactic: Network Effects
Platforms: Android, iOS
MTC ID: CEL-3
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019
Provided by LAYER 8

Mitigations

ID Mitigation Description
M1009 Encrypt Network Traffic

Application-layer encryption (e.g. use of the Transport Layer Security protocol) or a Virtual Private Network (VPN) tunnel (e.g. using the IPsec protocol) may help mitigate weaknesses in the cellular network encryption.

References