The Department of Homeland Security has found evidence that foreign spies are using fake mobile base stations, commonly known as stingrays, to gather information in Washington, DC.
In a March 26 letter, the U.S Department of Homeland Security publicly acknowledged, for the first time, that these devices, known as cell-site simulators, were being used anonymously in the country’s capital, the Associated Press reported.
The devices, often known as Stingray devices or IMSI-catchers, should be marketed and sold only to law enforcement agencies, but the new letter acknowledges that others are using the devices and that they pose a “real and growing risk.”
For years, privacy advocacy groups have warned us that the use of the surveillance devices have been shrouded in too much secrecy. In the U.S., IMSI (international mobile subscriber identity) catchers are typically purchased and used by law enforcement, FBI, the Drug Enforcement Administration and Immigration and Customs Enforcement in order to monitor the cellphone chats of targets. Some campaigners often warn, that the tech also endangers the privacy of civilians not suspected of any crime.
How does a IMSI Catcher work?
The snooping process is more or less simple, the ‘stingray’ device works by posing as a legitimate cell tower which is searching for phones in the proximity of the device. By using a stronger signal compared to a real tower, it dupes devices in its radius to connect to it, giving the operator the ability to record key information and intercept chats. Basically spoken it acts like a MITM (Man-in-the-Middle) in order to compromise you or the device.
The Government officials with certain hardened, ultra-secure cell phones aren’t be affected by Stingray activity but this doesn’t matter because most people are just using off-the-shelf smartphones. They could easily be picked up by illicit eavesdropping devices.
Anti-Stingray devices seem inefficient against spying, as recently shown. The 5G network might help to protect us against fake mobile stations. But it’s unclear if 5G can really what it promises, more security and faster speed, some people have doubts that the security aspect is in the focus rather than offering more speeds.
Android-IMSI Catcher Detector not got the attention it deserved but since it was initially created a lot of things have changed in newer Android OS versions. It’s a universal app in order to reduce several attack vectors and to detect possible surveillance among some other features.
There is also a website which shows several interesting information about stingrays, how they are been used, in which countries and you can sign a petition against IMSI-Catchers.
5G might help but the time will show us if it’s really more secure or if old tricks still working in order to ‘catch’ you in order to gather information. Agencies are not stupid, they try to get you and they will find a way. What I suggest is if you’re a target person just turn your phone of when you visit a demonstration or leave it at home, this doesn’t solve the problem but it at least lowers the chance that you get caught by shady little tricks.
We simply need better and more secure protocols, that’s the point trying to fix broken things is at some point only a waste of time.