A series of fake cell phone towers designed to intercept user data
has been discovered throughout the U.S., according to the magazine Popular Science. The organization behind the towers' construction and their purpose remain mysteries.
In addition to listening in on encrypted phone calls, the surveillance network is able to read SMS messages and record individuals' location data. Nineteen such towers have been discovered throughout the U.S. in the last week, Popular Science reported.
The phony towers were discovered by ESD America, the company that makes the Cryptophone 500, a customized Android handset that runs encryption software allowing it to identify when it is being hacked. According to ESD, eight interceptor towers were discovered by just driving between North Carolina and Florida. A tower has also been discovered at the South Point Casino in Las Vegas.
The towers, technically known as IMSI-catchers, work by exploiting the weak security in the antiquated 2G communication technology. The towers fake the credentials of a phone carrier's own towers, then trick the handset into connecting through them. Once connected, the towers force the phones to disable their encryption, allowing whoever has constructed the tower to eavesdrop on phone calls, text messages, and other data.
The phones do not alert users that their encryption has been deactivated. However, the fake towers force phones to slow down to 2G from 4G, so a sudden decrease in download speed may be a clue that a phone is being tapped.
Several of the interceptors have been constructed near U.S. military bases. Although it is impossible to say for certain who is behind the phone-tapping scheme, the federal National Security Agency is, perhaps ironically, an unlikely culprit. According to a VentureBeat report quoting Andrew Jaquith, CTO of cloud security provider SilverSky, the NSA can listen to virtually any phone call it wants to by having the carrier tap the call.
Joseph Hall, chief technologist for the Center for Democracy and Technology, said the discovery of the surveillance network is a troubling development for privacy concerns.
"This is by definition surveillance, eavesdropping and in the case of content, wire-tapping," Hall told us in an e-mail. Use of that kind of technology represents "activities that are criminally illegal without a warrant from a judge or consent of the user."
Local police departments in several U.S. cities, on the other hand, have been using similar technology, known as "stingray" towers. Like the phony towers discovered by ESD, police in cities such as Oakland use stingray towers to eavesdrop on the phone calls of anyone connecting through a fake tower. What police departments are doing with the evidence gathered through the phone tapping is difficult to determine, since departments often conceal the use of stingray towers in court cases. (continued...)