In September 2019, the IMSI catchers discovered in Washington, D.C. three years prior were attributed to Israel, a demonstration of how prevalent this type of eavesdropping equipment has become. Previously used only by law enforcement to locate the international mobile subscriber identity (IMSI) associated with a criminal suspect's SIM card for investigation purposes, an IMSI catcher may now be purchased or built by almost anyone to intercept a target's communications. With such low barriers to entry, these devices are no longer something only wrongdoers need to be concerned about.
This article examines specific aspects of IMSI catchers, Stingrays and similar devices to explain the dangers they pose.
GSM attacks fall into three types: cracking GSM encryption, passive GSM interception, and active GSM interception. IMSI catchers come under the last type: they serve as a transceiver (simultaneously transmitting and receiving) and actively interfere with communications between mobile phones and base stations.
An IMSI catcher carries out a "man-in-the-middle" (MITM) attack, presenting itself as a fake mobile phone to the genuine base station and as a fake base station to the actual mobile phone. IMSI catchers can determine the IMSI numbers of nearby mobile phones, which is the signature capability from which they get their name. Using the IMSI, they can then identify that phone's traffic on the network and target it for interception and analysis.
IMSI catchers have become commonly known as Stingrays. Law enforcement agencies call them "cell-site simulators" or "cell site emulators"; other names include fake cell towers, rogue base stations, StingRay and dirtbox. Because the 2G protocol has many security flaws that make spying easier, IMSI catchers will frequently try to force communication over 2G. For one thing, encryption is not always required on 2G. Where it is used, many of the underlying cryptographic algorithms (such as A5/1) can be broken in real time.
IMSI catchers with more advanced capabilities can intercept texts and listen in on phone calls. They may also be able to intercept data transmissions, such as phone numbers dialed, web pages browsed, and other data. IMSI catchers are frequently equipped with jamming technology (to cause 3G and 4G phones to connect at 2G speeds) and other denial-of-service features. Some IMSI catchers may be able to retrieve things such as images and SMS from the target phone.
An IMSI catcher thus provides threat actors with several alternatives based on the device's capabilities and the cellular protocol in use.
At this time, there is no guaranteed way for a smartphone user to know whether their device is connected to an IMSI catcher, let alone to prevent it from connecting to one. Slow cellular connections and a change of band in the status bar (for example, from LTE to 2G) are indicators. However, slow connections happen to unaffected users as well, and some IMSI catchers can operate on 4G.
IMSI catcher detection applications are only available for Android, and they require rooting the device, which is itself a security weakness, to access the cellular network communications available through the smartphone baseband's diagnostic interface. More reliable hardware options for identifying IMSI catchers are available, and they make sense for protecting several smartphone users in a single location, such as a business headquarters or military post.
A typical arrangement includes a fixed, embedded system with sensor hardware and a cellular modem for continually monitoring the broadcast signals of nearby base stations, as well as a database to which data can be uploaded for analysis. When an IMSI catcher is found, alarms can be sent to all smartphone users in the organization.
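The monitoring arrangement described above can be sketched as follows. This is an added example, not code from any product mentioned on this page; the observation schema, the baseline table, the four heuristics and the alert threshold are assumptions chosen for illustration, and all sample data is constructed.

```python
from dataclasses import dataclass
@dataclass(frozen=True)
class CellObs:
    # One poll of the sensor modem's serving cell (constructed schema).
    ts: int        # seconds since start of capture
    rat: str       # radio access technology: "2G", "3G" or "4G"
    mcc_mnc: str   # operator code ("00101" is the test network)
    lac: int       # location / tracking area code
    cell_id: int
    rssi_dbm: int
    cipher: str    # "A5/0" means no encryption; "n/a" outside 2G

# Baseline database: cells surveyed earlier at this site -> typical RSSI (dBm).
BASELINE = {
    ("4G", "00101", 1201, 5001): -85,
    ("4G", "00101", 1201, 5002): -92,
    ("2G", "00101", 310, 711): -97,
}

def score(obs, prev_rat=None):
    """Return the heuristic findings raised by one observation."""
    findings = []
    key = (obs.rat, obs.mcc_mnc, obs.lac, obs.cell_id)
    if key not in BASELINE:
        findings.append("unknown-cell")          # never seen in the site survey
    elif obs.rssi_dbm - BASELINE[key] >= 20:
        findings.append("rssi-jump")             # known identity, much stronger signal
    if prev_rat in ("3G", "4G") and obs.rat == "2G":
        findings.append("downgrade-to-2g")       # the LTE -> 2G band change
    if obs.rat == "2G" and obs.cipher == "A5/0":
        findings.append("no-encryption")         # 2G session without ciphering
    return findings

def monitor(stream, threshold=2):
    """Return (ts, cell_id, findings) for observations worth an alarm."""
    alerts, prev_rat = [], None
    for obs in stream:
        findings = score(obs, prev_rat)
        if len(findings) >= threshold:           # one indicator alone is too noisy
            alerts.append((obs.ts, obs.cell_id, findings))
        prev_rat = obs.rat
    return alerts

SAMPLE = [  # constructed observations, not a real capture
    CellObs(0, "4G", "00101", 1201, 5001, -84, "n/a"),
    CellObs(30, "4G", "00101", 1201, 5002, -90, "n/a"),
    CellObs(60, "2G", "00101", 999, 4242, -51, "A5/0"),
    CellObs(90, "2G", "00101", 310, 711, -96, "A5/1"),
]
```

Requiring at least two findings reflects the caveat that a band change on its own also happens to unaffected users; `monitor(SAMPLE)` raises a single alert for the unknown, unencrypted 2G cell at `ts=60`.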
While this appears to be a catastrophic situation, one option can safeguard you from all of these threats: the Efani Black Seal Protection. EFANI uses many levels of security and privacy to encrypt your voice, SMS, and text messages, along with a cloud-based solution to detect, protect, and warn users in real time when an intrusion attempt is made.
At the network level, Efani's Black Seal Protection delivers a unique military-grade capability for detecting IMSI Catchers and preventing Man in the Middle Attacks. The key strength of this solution is its ease of use. It is designed for cutting-edge protection on the SIM-card level and mass deployment in large enterprises.
Installing the EFANI encrypted SIM card into your smartphone and answering a few questions to activate it is all it takes. The user experience is unchanged, but security, privacy, and peace of mind have been added.
Perhaps most crucially, simply acknowledging that your cellular connections cannot be relied on may cause you to reconsider the information you exchange over them. Your security posture will benefit as a result.
Communication interception, denial of service, and location monitoring are all frequent MITM threats. Symptoms of such attacks aren't always visible; the exception is denial of service, when all communications stop. Otherwise, unless someone is actively looking for signs of interception or double-checking every page they visit to make sure they are not being sent to an attacker-controlled domain, they might not even be aware they are being tracked.