The Internet is abuzz with reports of mysterious devices sprinkled across America—many of them on military bases—that connect to your phone by mimicking cell phone towers and sucking up your data. There is little public information about these devices, but they are the new favorite toy of government agencies of all stripes; everyone from the National Security Agency to local police forces are using them.
These fake towers, known as “interceptors,” were discovered in July by users of the CryptoPhone500, one of the ultra-secure cell phones released after Edward Snowden’s leaks about NSA snooping. The phone is essentially a Samsung Galaxy S3 customized with high-level encryption that costs around $3,500. While driving around the country, CryptoPhone users plotted on a map every time they connected to a nameless tower (standard towers run by wireless service providers like Verizon usually have names) and received an alert that the device had turned off their phone’s encryption (allowing their messages to be read).
Map showing the location of rogue cell towers identified by the firewall on CryptoPhones in August via ESD America, a defense and law enforcement technology provider based in Las Vegas.
While the abilities of these interceptors vary, the full-featured versions available to government agencies are capable of a panoply of interceptions. For example, the VME Dominator can capture calls and texts, and can even control the intercepted phone. (In an interview with NBC, Snowden revealed that with this kind of technology the NSA is capable of turning on a powered-down phone and essentially using it as a bug.)
This NSA-style surveillance is spreading to local cops. A growing number of police departments are using tower-mimicking devices, “stingrays,” to track a cell phone’s location and extract call logs. Though little is known about the use of these devices, watchdog groups have scored small victories in their attempts to punch through this veil of secrecy. The map below, courtesy of the ACLU, shows how the use of stingrays is spreading. The map also shows that despite the ALCU's greatest efforts, it is unable to uncover information about stingray use in most of the country.
A recent case provided a glimpse into what stingrays can do and how they are being used.
In January, Tallahassee, Florida, police used one to track a stolen cell phone to a suspect’s apartment. The police then entered the home without permission, conducted a search, and arrested the suspect in his home. Not only did the police not have a warrant, but they did not disclose to a judge that they were in possession of a stingray because the department had received it on loan from the manufacturer on condition of secrecy.
Only after a judge granted a motion filed by the ACLU to unseal the transcripts of the case (the federal government had previously demanded the proceedings be sealed, going so far as to try to invoke the Homeland Security Act as the reason) was it revealed that between 2007 and 2010 the department used stingrays without getting warrants around 200 times. Additionally, the department had two devices; one mounted on a police vehicle, and the other carried by hand—and both were evaluating nearby cell phones in order to find a suspect. This means that information like location and phone data was pulled from innocent bystanders as well as the target of an investigation.
In the wake of the militarized response by the police in Ferguson, Missouri to protesters, many are taking a closer look at how the government may be abetting law enforcement in surreptitious cell phone surveillance. The purchase of such equipment is often funded by Homeland Security grants for which state and local police departments can apply. The gradual uncovering of this paper trail reveals new details about surveillance technology use. For instance, a Tacoma, Washington purchase order, uncovered by The News Tribune, revealed that a major reason there’s been a recent surge in requests for upgraded stingrays is the spread of 4G service.
Older stingrays, like the kind used by police departments, force phones using 4G or 3G down to 2G in order to more easily de-crypt data in real time. But 2G service is expected to be shut off soon—AT&T announced it would do so in 2017. If a stingray can’t knock a 4G phone down to 2G, however, it can’t do its job.
Last week, the city of Oakland, California, released documents revealing that three local jurisdictions applied for a Homeland Security grant to obtain a “state-of-the-art cell phone tracking system” with 4G tracking abilities. Other areas, including Tacoma; Baltimore; Chesterfield, Virginia; Sunrise, Florida; and Michigan's Oakland County are also seeking upgrades.
Since the news of the phony cell phone towers broke, Les Goldsmith, the CEO of ESD America, which is marketing the CryptoPhone500 in the U.S., told Newsweek that sales have been “exceptional.” He added, “We should get far greater units in the field to report interceptors."