T1a
Eavesdropping user traffic: Intruders may eavesdrop user traffic on the radio interface. (MAJOR)
T1b
Eavesdropping signalling or control data: Intruders may eavesdrop signalling data or control data on the radio interface. This may be used to access security management data or other information which may be useful in conducting active attacks on the system.
T1c
Masquerading as a communications participant: Intruders may masquerade as a network element to intercept user traffic, signalling data or control data on the radio interface. (MAJOR)
T1d
Passive traffic analysis: Intruders may observe the time, rate, length, sources or destinations of messages on the radio interface to obtain access to information. (MAJOR)
T4a
Masquerading as another user: An intruder may masquerade as another user towards the network.. The intruder first masquerades as a base station towards the user, then hijacks his connection after authentication has been performed.
T5b
Eavesdropping signalling or control data: Intruders may eavesdrop signalling data or control data on any system interface, whether wired or wireless. This may be used to access security management data which may be useful in conducting other attacks on the system.
T6e
Manipulation of the terminal or USIM behaviour by masquerading as the originator of applications and/or data: Intruders may masquerade as the originator of malicious applications and/or data downloaded to the terminal or USIM.
T9a
Masquerading as a user: Intruders may impersonate a user to utilise services authorised for that user. The intruder may have received assistance from other entities such as the serving network, the home environment or even the user himself. (MAJOR)
T9b
Masquerading as a serving network: Intruders may impersonate a serving network, or part of an serving network's infrastructure, perhaps with the intention of using an authorised user's access attempts to gain access to services himself.
T9d
Misuse of user privileges: Users may abuse their privileges to gain unauthorised access to services or to simply intensively use their subscriptions without any intent to pay. (MAJOR)
T10a
Use of a stolen terminal and UICC: Intruders may use stolen terminals and UICCs to gain unauthorised access to services. (MAJOR)
T10c
Use of a stolen terminal: Users may use a valid USIM with a stolen terminal to access services. (MAJOR)
T10d
Manipulation of the identity of the terminal: Users may modify the IMEI of a terminal and use a valid USIM with it to access services. (MAJOR)
T10e
Integrity of data on a terminal: Intruders may modify, insert or delete applications and/or data stored by the terminal. Access to the terminal may be obtained either locally or remotely, and may involve breaching physical or logical controls.
T10f
Integrity of data on USIM: Intruders may modify, insert or delete applications and/or data stored by the USIM. Access to the USIM may be obtained either locally or remotely.
T10k
Confidentiality of authentication data in the UICC/USIM: Intruders may wish to access authentication data stored by the service provider, e.g. authentication key. (MAJOR)