GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they use.
The Mobile Threat Intelligence Framework (MoTIF) is focused on mobile network-related attacks that are not already covered by existing public frameworks like MITRE ATT&CK (for Enterprise and for Mobile) and MITRE FiGHT.
In scope are 2G, 3G, 4G, 5G, including all kind of telecommunication service enablers (e.g., roaming, SMS, VoIP) and future mobile technology evolutions. Fraud attacks against mobile networks and their customers are also included.
MoTIF Principles provides an overview of MoTIF and defines the techniques and sub-techniques designated in the framework.
It also describes how MoTIF can be represented in STIX, a structured language for describing cyber threat information.
Must read: 10 cybersecurity frameworks you need to know about