This undated handout photo provided by the U.S. Patent and Trademark Office shows the StingRay II, manufactured by Harris Corporation, of Melbourne, Fla., a cellular site simulator used for surveillance purposes. Federal law enforcement officials are routinely required to get a search warrant before using secretive and intrusive cellphone-tracking technology, but evidence suggests that spies and criminals may be using these rogue devices to intercept cellphone data.
Credit: U.S. Patent and Trademark/AP
Washington, D.C., may be home to spies and criminals using spying devices to intercept people’s cellphone calls and text messages.
In a March 26 letter, the U.S Department of Homeland Security publicly acknowledged, for the first time, that these devices, known as cell-site simulators, were being used anonymously in the country’s capital, the Associated Press reported. The devices, often known as Stingray devices, should be marketed and sold only to law enforcement agencies, but the new letter acknowledges that others are using the devices and that they pose a “real and growing risk.”
But what exactly are cell-site simulators, and is there anything people can do to protect themselves against snooping?
“They are essentially a fake cell tower that tricks phones into connecting to it and can then obtain the phone’s location and track the phone’s location,” said Cooper Quintin, a senior technologist and security researcher at the Electronic Frontier Foundation, a nonprofit digital-rights group based in San Francisco.
How they work
In older, 2G networks (an earlier version of the cellular network), cellphones were required to verify themselves, or prove that the person using the cellphone had a valid service plan. But towers did not have to verify themselves. So, any device that sent out similar signals to the cellphone tower could “impersonate” that specific tower, Quintin said.
Though more-advanced cellphone networks, such as 3G and 4G, have patched that security bug, the makers of these spying devices still tout their ability to track people’s phones, which means there are still security bugs in the cellular network being exploited, Quintin said.
“They also claim they can intercept conversations [and] intercept text messages, and [they] sometimes even say they can plant malware in peoples’ cellphones,” Cooper told Live Science. “None of their claims have been proven.”
The devices work by forcing phones to drop down to a lower, less secure 2G network, according to the AP.
Despite imitating cellphone towers, the devices can be small and incredibly inconspicuous, Quintin said. Some are set up in the backs of trucks that have a few antennas on them, but some are the size of a cellphone or are embedded in a vest.
Quintin built one that was the size of a small loaf of bread. (He placed it in a Faraday cage, so it could not connect to or disrupt other cellphone users.)
Cell-site simulators don’t just violate people’s privacy; they can also be dangerous, Quintin said.
“From what we can tell, cell-site simulators disrupt cell service for everyone in the area, potentially even disrupting access to 911 for people in the area,” he said.
People who want to protect their communications can use end-to-end encryption with apps like Signal or WhatsApp, but people can do little to protect themselves against the location tracking of cell-tower simulators, Quintin said.
While law enforcement agencies are the primary lawful users of these devices, embassies in Washington, D.C., which are on “sovereign soil,” can also lawfully install a spying device.
Every embassy “worth their salt” has a cell-tower simulator installed, Aaron Turner, president of the mobile security consultancy IntegriCell, told the AP. The Russians have simulators that can track people from a mile (1.6 kilometers) away, Turner told the AP.
SOURCE: Live Science