The Department of Homeland Security has acknowledged the presence of what appear to be unauthorized mobile surveillance devices in the Washington, D.C. area and elsewhere in the United States that could be exploited by foreign spies to track and intercept phone calls.
The devices, often referred to as Stingrays after a popular model made by Harris Corp., imitate a cell tower to capture caller location and other associated data. While they have been used by U.S. law enforcement for years, their use for foreign espionage in the U.S. has been a source of speculation.
In a March 26 letter to Sen. Ron Wyden, D-Ore., obtained by CyberScoop and other news outlets, DHS’s National Protection and Programs Directorate said the department has observed “anomalous activity” in or near the nation’s capital that “appears to be consistent” with such surveillance devices, which are also called international mobile subscriber identity (IMSI) catchers. The NPPD has not validated or attributed the surveillance activity to any particular person or device, the letter said.
“Overall, NPPD believes the malicious use of IMSI catchers is a real and growing risk,” top NPPD official Christopher Krebs wrote to Wyden. Krebs added that such use of IMSI catchers is illegal, but that his directorate is unaware of any DHS capability that could be used to detect the devices.
The Associated Press was first to report on DHS’s letter to Wyden.
Wyden wrote to Krebs in November demanding to know whether foreign intelligence services had used IMSI catchers on U.S. soil. “Foreign government surveillance of senior American political and business leaders would obviously pose a significant threat to our country’s national and economic security,” Wyden wrote.
Joseph Lorenzo Hall, chief technologist at the nonprofit Center for Democracy & Technology, told CyberScoop he hopes DHS will eventually disclose the locations of IMSI catchers “as that would allow NGOs like us to advise people to not go to certain areas or turn their phones off (or wrap them in foil).”
While some in the telecoms industry are trying to use forthcoming 5G standards to protect against IMSI catchers, “until that happens, we can only be armed with knowledge of where these things might be,” Hall added.
A DHS study of mobile device security published last year identified IMSI catchers as one of a handful of “emerging threats,” noting that the devices “are being marketed worldwide for 2G, 3G, and 4G exploitation.”