The Associated Press reported on April 3, 2018 that the Department of Homeland Security (DHS) has confirmed that it found what appear to be unauthorized cell-site simulators, also known as Stingrays, in Washington DC.
For the first time, the U.S. government has publicly acknowledged the existence in Washington, DC of what appear to be rogue devices that foreign spies and criminals could be using to track individual cellphones and intercept calls and messages. The use of what are known as cellphone-site simulators by foreign powers has long been a concern, but American intelligence and law enforcement agencies - which use such eavesdropping equipment themselves - have been silent on the issue until now.
In a March 26, 2018 letter to Oregon Sen. Ron Wyden, the Department of Homeland Security acknowledged that last year it identified suspected unauthorized cell-site simulators in the nation’s capital. The agency said it had not determined the type of devices in use or who might have been operating them. Nor did it say how many it detected or where.
The devices work by tricking mobile devices into locking onto them instead of legitimate cell towers, revealing the exact location of a particular cellphone. More sophisticated versions can eavesdrop on calls by forcing phones to step down to older, unencrypted 2G wireless technology. Some attempt to plant malware.
I mentioned Stingray devices here in the blog in November 2017. There are apps, like Snoop Snitch (for Android), that attempt to detect devices like Stingray, but they are not 100% effective.
To defeat devices like Stingray and Hailstorm you need strong encryption, like that provided by Signal or Tox. Use a VPN or TOR to encrypt your cellular internet traffic. This won't keep Stingray and Hailstorm from capturing your metadata, but will protect the content of your conversations and text messages.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.