Seventeen rouge cell towers in the United States have been identified, and they’re intercepting your calls. They aren’t part of AT&T or any carrier’s phone network, nor are they part of the NSA’s plan to collect more information on citizens. We don’t know who these towers belong to.
We do know that these rouge towers are spread out across the United States, and once a phone is connected, attackers have the ability to intercept calls as well as load spyware onto your device. Smartphones are able to send and receive information as if nothing is amiss, so consumers are none the wiser.
The towers were revealed by Les Goldsmith, CEO of ESD America, when he sat down with Popular Science to talk about his company’s Cryptophone 500. This phone has military-grade security specs and costs an estimated $3,500. It has the body of a Samsung Galaxy S III and comes equipped with a familiar Android OS, but it has been modified, so it doesn’t come with the same faulty leaks.
Customers who purchased the phone began reporting and mapping where they found these interceptors. The map above indicates 17 that were found in July, which means there could be more. Goldsmith spoke of one customer who “took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip. We even found one [in the vicinity of] South Point Casino in Las Vegas.”
When coming in contact with an interceptor, your connection on an iOS or Android device may dip from 4G to 2G. The 2G protocol makes it easier to decrypt and initiate an attack, however, a “good interceptor” won’t show the change has even happened. “It’ll be set up to show you [falsely] that you’re still on 4G. You’ll think that you’re on 4G, but you’re actually being forced back to 2G.” Consumers on standard iOS and Android devices will notice if the protocol has been changed if they’re trying to load up a YouTube video and performance has ground to a halt. But the firewall on the Cryptophone 500 will confirm that encryption has been turned off and that users will no longer be communicating on a secure line if they choose to use it.
These interceptors aren’t cheap, though. Goldsmith prices one out to be “less than $100,000.” These interceptors may be limited to only listening in on calls, but it’s still not a comforting thought. Higher quality, more expensive interceptors could wreak far more havoc than knowing you asked your husband to pick up gelato after work. The VME Dominator, for example, could not only capture calls and text, but also control your device to compose and send out text messages. But devices like these are only available to government bodies.
It could be the NSA, but it wouldn’t be necessary. The NSA and government at large don’t need towers to intercept your calls in order to learn things about you; they need only go to a commercial carrier (AT&T, Verizon, Sprint — take your pick) in order to retrieve all the data they could possibly want. So, who could be intercepting calls and why do they want them?
It could be a foreign government, gangs, or possibly local police. Ars Technica reported on police departments trying to upgrade their cellular surveillance systems or “stingrays” to accommodate the future phasing out of 2G networks, like AT&T is planning to do by 2017. These stingrays operate like the cell interceptors described above, which call into question your Fourth Amendment Rights if officers are picking up your transmissions from one of these false towers. If you aren’t the gangster they’re trying to track, then do they just wave off your correspondences no matter how intriguing? Edward Snowden revealed this year in an interview that NSA officials would openly pass around compromising adult photos they found. If Americans can’t expect the same discretion within the NSA, why should we expect the same from police?
The FCC has established a task force to investigate — not the police departments that are exploiting Americans, but taking preventative measures to make sure cell towers are more secure. The 17 towers that have been discovered could be coming from just police or a mixture of foreign intelligence, local gangs, and police. It’s hard to say. While plenty of interceptors could be purchased for hundreds of thousands of dollars, others could be made out of someone’s garage for as little as $1,800, according to the FCC.
Aside from buying a Cryptophone 500, there’s not much you can do to protect yourself like you can on the Internet. The most you can do is be mindful of what you reveal on the phone, since anyone could be listening in.
More From Tech Cheat Sheet:
- Apple’s iCloud Hacking Scandal Drives More Users to Improve Security
- Analysts Examine Historical Trends Around Apple’s Big Media Events
- This Week’s 4 Biggest Video Game Releases
Want more great content like this? Sign up here to receive the best of Cheat Sheet delivered daily. No spam; just tailored content straight to your inbox.