What are cell site simulators? And how do they work?

May 11, 2017 GMT

KIEV, Ukraine (AP) — The formidable surveillance power of cell site simulators has put them at the forefront of privacy debates in the U.S. and Europe. Now The Associated Press has found evidence that the devices are sending threatening text messages to the soldiers fighting pro-Russian separatists in eastern Ukraine.

So what are cell site simulators and how do they work?

—What are they?

Cell site simulators work by masquerading as one of the millions of cell towers that keep people connected all around the world. The devices, which can vary in size and are also known as IMSI catchers, or by various brand names such as DRT boxes or Stingrays, take advantage of well-known flaws in cellphone network security to trick nearby handsets into divulging information or behaving in ways that they shouldn’t. They’ve been used to block phone use in British prisons , track gang members in Canada and allegedly eavesdrop on protesters in Chicago . Authorities have long fought to keep the hardware out of the public eye , but cell site simulators are increasingly becoming subject to judicial scrutiny and have even popped up in popular culture, appearing in shows such as the Baltimore crime series “The Wire.”

“They’re mass surveillance devices,” said Christopher Parsons, a researcher with Citizen Lab, at the University of Toronto’s Munk School of Global Affairs. He added that there are still many unanswered questions about how the devices are being used internationally and by whom.

“This is product line that principally operates in the darkness,” he said.

—How do they work?

Handsets try to keep their users as connected as possible, jumping from one cellphone tower to another in a constant struggle to improve reception. Because securing phones’ signals from eavesdroppers has long taken a backseat to making sure calls get through clearly, it’s relatively easy to create set up a malicious device that mimics a cell tower, drawing data from nearby phones like an invisible magnet. Although traditionally the domain of intelligence agencies and the military, cell site simulators are now so widespread that even local police forces , talented amateurs and criminals can quietly using the devices to steal secrets.

“It’s not that the phones are stupid,” said Heath Hardman, a former U.S. Marines signals analyst who used simulators in Iraq and Afghanistan. “It’s just that the phones are not programmed to detect lies.”



Raphael Satter can be reached at: http://raphaelsatter.com