What is it and what is it intended for?
Mobile Threat Modelling Framework is a compatible combination of the enterprise, mobile and ICS matrices of the MITRE ATT&CK framework. The first iteration of this framework intends to adapt and grow – as we see the need to accommodate more techniques as more attacks become known. Our perspective is to have this framework as a de-facto model for all members of the telco cybersecurity (& sharing) community.
Why is it important?
CMTMF is a tool to enhance efforts and further extend the cyber threat intelligence paradigm in the telco sector. It can oversee the impact an attack or an exploit on a device connected to a mobile network can have on both surrounding devices and potentially the underlying infrastructure. The framework allows for better analyses of the ever-increasing and expanding attack types that target their infrastructures and connected devices.