The FCC has assembled a task force to look into a publicly available surveillance technology used by police forces around the world that can intercept your cell signal, phone calls, and locate you, according to The Washington Post. The task force comes in response to questions brought by U.S. Rep. Alan M. Grayson (D-Fla) after a report in Newsweek brought light to the technology, called an IMSI catcher, commonly sold as StingRay.
An IMSI catcher, an acronym which stands for International Mobile Subscriber Identity, can mimic a cell tower and intercept signals that will allow the user to spy on its target. Once a IMSI catcher is locked on to a device, it can siphon information from it like text messages and GPS coordinates. Many IMSI catchers can also break common forms of encryption.
Speaking to Newsweek, former Navy SEAL and cofounder of encryption software company Silent Circle, Mike Janke says, “Defense firms in the Washington, D.C. area have found IMSI catchers attached to the light poles in their parking lots. In February, one or two were found in the parking lot of a defense contractor near Washington. They’ve also been found in Palo Alto. The FBI has been called in, but you can’t track who has made it.”
Former FBI Director Tim Murphy said that counterintelligence agencies around the world are using the IMSI catchers. “This type of technology has been used in the past by foreign intelligence agencies here and abroad to target Americans, both [in the] U.S. government and corporations. There’s no doubt in my mind that they’re using it.”
IMSI catchers can be purchased for as cheap as $1,800 online, or even made at home by the technically inclined. Combined with the fact that cell phone encryption technology is exceptionally weak, to the point where experts who spoke to The Washington Post last year believe any capable intelligence agency around the world could listen in to American phone calls, if it desired.
In his letter to FCC Chairman Tom Wheeler, Grayson noted that “Americans have a reasonable expectation for privacy in their communications” and that “It is extremely troubling to learn that cellular communications are so poorly secured, and that it is so easy to intercept calls and track people’s phones.”
In response, Wheeler wrote the goal of the task force—which is studying misuse, not availability of IMSI catchers—is to”develop concrete solutions to protect the cellular network systemically from similar unlawful intrusions and interceptions.”
It seems The FCC is not interested in looking into why and how IMSI catchers became so widely available and easy to build, and if they should even be legal. Looking into the misuse of the surveillance technology makes it seem like the FCC—which has authority over surveillance technology— is skirting the issue, as it looks to avoid making a strong statement on what should and could be used to gather information by law enforcement agencies.
Stephanie K. Pell, a cybersecurity expert and a cyber-ethics fellow at the Army Cyber Institute at the U.S. Military Academy told The Washington Post she personally doesn’t believe the legality of the devices matter much in the long run. Ultimately if we are going to get to the root of the problem, we will have to deal with this from a network vulnerability perspective.”
H/T The Washington Post | photo via joram68/Flickr (CC BY 2.0)