IMSI Catchers (Stingrays) and How to Circumvent Them

Ever watched a spy movie (including the James Bond movies) where they can listen to other people’s mobile phone conversations at the press of a button? I always thought it was just one of those movie things that does not actually happen in real life. But I was totally shocked when I learned that this mobile phone tapping is not only possible but ridiculously easy. Any 5 year old can listen to other people’s mobile phone conversations with the help of an IMSI Catcher device.

What is an IMSI Catcher?
An IMSI catcher (better known as a Stingray in the United States) is a simple man-in-the-middle attack device that masquerades as a local cellphone tower. Your mobile phone sees the IMSI catcher as just another cellphone tower with a much stronger signal and connects to it. The signal from the IMSI catcher is stronger than that of the real cellphone tower because it is much closer to your mobile phone. The IMSI catcher then relays the phone traffic between the real cellphone tower and your cell phone, conveniently intercepting any data it wants.

IMSI Catcher

Which type of mobile networks are vulnerable?
Before 2017, only 2G networks were considered vulnerable to stingrays. But in 2017, some researchers found that 3G/4G and CDMA networks are also vulnerable to a similar form of attack. Modified stingray devices can be used to intercept the communication between a handset and a cell tower even on 3G, 4G LTE or CDMA networks.

Are 3G/4G LTE networks harder to break into?
Earlier, the usual way to avoid becoming another IMSI catcher victim was simply to switch to a non-GSM network like 3G/4G or CDMA. This is because most of the cheap IMSI catchers rely on a vulnerability in the GSM protocol: it requires handsets (mobile phones) to identify themselves to the cellphone towers using their IMEI code, but has no such rule for verifying the cellphone towers. Using this loophole, an IMSI catcher device can pretend to be a cellphone tower.

But more elaborately designed and much more expensive IMSI catcher devices can also intercept communication over 3G/4G/LTE/CDMA networks. While 2G communication is easy to intercept, other networks are not so easy to intercept and require a lot of work on the part of the attacker/hacker. Only dedicated hackers like the ones from a state’s secret services will spend so much money and time stalking the target to do so. Even today (2018), it is relatively safe to switch to 3G/4G/LTE/CDMA networks.

Will switching to 3G/4G networks prevent Stingray?
If you have a smartphone that allows switching from 2G to 4G/3G and vice versa, then keep it switched to the 4G or 3G network of your mobile operator. This is because most IMSI catchers target 2G networks. Furthermore, 3G networks use LTE, UMTS or HSPA frequencies and do not use the GSM network. Although UMTS is based on GSM, it is considered a little safer. But as of 2017, even 4G has become vulnerable. The hope is that 5G networks will be much more secure in the future.

Use Encrypted Phone Calling Apps
IMSI catchers are basically used to intercept and listen to your regular phone conversations. So in order to protect your phone conversations, you can use any of the apps that make phone calls over the mobile data connection (3G/4G) or over a WiFi network. For even more protection, you can use an app like RedPhone that allows encrypted phone calls.

Look for sudden unusually strong mobile signals
If you generally receive a bad mobile signal throughout the city, but the signal suddenly gets strong for no explicable reason when you arrive in your office room, then you could be the target of an IMSI catcher. Download a signal app like Network Signal Info and walk around to find where the signal gets stronger. If the signal is not getting stronger in the direction of a known cellphone tower, then it could be an IMSI catcher at work. But this could also happen because your office has a signal repeater or signal booster installed.
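
The walk-around check described above can be made less subjective by logging readings and testing whether the signal actually rises as a known tower gets closer. The following Python code is an added example, not part of the original post; the coordinates, the tower position and the -0.3 threshold are constructed assumptions.

```python
import math

# Constructed readings (lat, lon, signal in dBm), as if noted from a signal
# app while walking. Coordinates and values are made up for illustration.
WALK_TOWARD_TOWER = [(52.52000, 13.405, -101), (52.52025, 13.405, -98),
                     (52.52050, 13.405, -95), (52.52075, 13.405, -92),
                     (52.52100, 13.405, -90)]
WALK_AWAY_FROM_TOWER = [(52.52000, 13.405, -100), (52.51975, 13.405, -92),
                        (52.51950, 13.405, -84), (52.51925, 13.405, -75),
                        (52.51900, 13.405, -66)]
# Hypothetical known tower position (e.g. taken from a public tower map).
KNOWN_TOWERS = [(52.52300, 13.405)]

def metres(a, b):
    """Equirectangular distance; accurate enough over a few hundred metres."""
    mid_lat = math.radians((a[0] + b[0]) / 2)
    dx = math.radians(b[1] - a[1]) * math.cos(mid_lat) * 6371000
    dy = math.radians(b[0] - a[0]) * 6371000
    return math.hypot(dx, dy)

def pearson(xs, ys):
    """Pearson correlation; 0.0 if either series is constant."""
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sx = math.sqrt(sum((x - mx) ** 2 for x in xs))
    sy = math.sqrt(sum((y - my) ** 2 for y in ys))
    return cov / (sx * sy) if sx and sy else 0.0

def assess(walk, towers, threshold=-0.3):
    """Flag a walk whose signal does not rise as a known tower gets closer.

    Near a real tower, distance and dBm correlate negatively. The threshold
    is an assumed cut-off, not a calibrated value.
    """
    dist = [min(metres(p[:2], t) for t in towers) for p in walk]
    r = pearson(dist, [p[2] for p in walk])
    peak = max(walk, key=lambda p: p[2])
    return {
        "correlation": round(r, 2),
        "peak_at": peak[:2],
        "peak_dbm": peak[2],
        "peak_to_tower_m": round(min(metres(peak[:2], t) for t in towers)),
        "suspicious": r > threshold,
    }

if __name__ == "__main__":
    for name, walk in [("toward", WALK_TOWARD_TOWER), ("away", WALK_AWAY_FROM_TOWER)]:
        print(name, assess(walk, KNOWN_TOWERS))
```

A flagged walk only shows that the strongest signal source is not the known tower; a repeater or booster in the building produces the same pattern.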

SnoopSnitch for Android
SnoopSnitch for Android is a simple app that analyzes your mobile radio data and warns you about threats like IMSI catchers. Although it is a useful app, it is severely limited: it works only on smartphones that have a Qualcomm SoC and a stock Android ROM installed, and the phones have to be rooted. Not many smartphones can meet these criteria.

Conclusion: IMSI Catchers can intercept your mobile phone calls without you ever knowing about it. The only solution to avoid being a victim of such an attack is to be alert about suspicious mobile networks around you showing unusually strong signals.

3 comments

  1. Hello. I have a cell which uses CDMA technology in cell towers. I just read CDMA cell phones can now be hacked by IMSI Catchers.

    Do you agree with this?

    1. CDMA communication is harder to intercept, but it is possible. As of today, the only network that cannot be intercepted is 5G.
