Cellphone surveillance

Diagram showing the operation of a StingRay device for cellphone surveillance.

Cellphone surveillance (also known as cellphone spying) may involve tracking, bugging, monitoring, eavesdropping, and recording conversations and text messages on mobile phones. [1] It also encompasses the monitoring of people's movements, which can be tracked using mobile phone signals when phones are turned on. [2]

Mass cellphone surveillance

Stingray devices

StingRay devices are a technology that mimics a cellphone tower, causing nearby cellphones to connect and pass data through them instead of legitimate towers. [3] This process is invisible to the end-user and allows the device operator full access to any communicated data. [3] They are also capable of capturing information from phones of bystanders. [4] This technology is a form of man-in-the-middle attack. [5]

StingRays are used by law enforcement agencies to track people's movements, and intercept and record conversations, names, phone numbers and text messages from mobile phones. [1] Their use entails the monitoring and collection of data from all mobile phones within a target area. [1] Law enforcement agencies in Northern California that have purchased StingRay devices include the Oakland Police Department, San Francisco Police Department, Sacramento County Sheriff's Department, San Jose Police Department and Fremont Police Department. [1] The Fremont Police Department's use of a StingRay device is in a partnership with the Oakland Police Department and Alameda County District Attorney's Office. [1]

End-to-end encryption, as used by apps such as Signal, protects traffic against StingRay devices through cryptographic means. [6]
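A defender-side illustration of the fake-tower behaviour described above, added here and not taken from the article or from any detection product: it scans a log of a handset's serving-cell observations and raises an alert when a cell change combines several warning signs at once. The CSV layout, field names, sample values and thresholds are assumptions of this example; the three signs it checks are a drop to an older radio generation (GSM authenticates only the handset, not the network), a location area the handset has not seen before, and a sudden jump in signal strength.

```python
"""Added example: flag serving-cell changes consistent with a cell-site simulator."""
import csv
import io
from dataclasses import dataclass

# Constructed sample log (not real data): one handset's serving cell over time.
SAMPLE_LOG = """\
time,rat,plmn,lac,cid,dbm
09:00:00,LTE,310-410,5021,1001,-98
09:05:00,LTE,310-410,5021,1002,-101
09:10:00,LTE,310-410,5021,1001,-97
09:15:00,GSM,310-410,9999,77,-51
09:20:00,GSM,310-410,9999,77,-50
09:25:00,LTE,310-410,5021,1002,-100
09:30:00,UMTS,310-410,5021,1003,-95
"""

# Radio generations in ascending order; a lower rank than before is a downgrade.
RAT_RANK = {"GSM": 2, "UMTS": 3, "LTE": 4, "NR": 5}


@dataclass
class Alert:
    time: str
    cell: str      # "plmn/lac/cid" of the suspicious serving cell
    reasons: list  # names of the heuristics that fired


def find_suspect_cells(log_text, min_reasons=2, jump_db=30):
    """Return an Alert for each cell change where at least min_reasons fire.

    A single sign is common on real networks (coverage gaps cause ordinary
    downgrades), so the default only alerts when two or more coincide.
    """
    alerts = []
    seen_areas = set()   # (plmn, lac) pairs observed so far
    prev = None          # previous valid observation
    for row in csv.DictReader(io.StringIO(log_text)):
        rank = RAT_RANK.get(row.get("rat"))
        try:
            dbm = int(row["dbm"])
        except (KeyError, TypeError, ValueError):
            continue     # malformed signal value: skip the row
        if rank is None:
            continue     # unknown radio technology: skip the row
        area = (row["plmn"], row["lac"])
        reasons = []
        if prev is not None:  # the first observation only seeds the baseline
            if rank < prev["rank"]:
                reasons.append("downgrade")
            if area not in seen_areas:
                reasons.append("new_area")
            if dbm - prev["dbm"] >= jump_db:
                reasons.append("strong_signal")
        if len(reasons) >= min_reasons:
            cell = f'{row["plmn"]}/{row["lac"]}/{row["cid"]}'
            alerts.append(Alert(row["time"], cell, reasons))
        seen_areas.add(area)
        prev = {"rank": rank, "dbm": dbm}
    return alerts


if __name__ == "__main__":
    for alert in find_suspect_cells(SAMPLE_LOG):
        print(alert.time, alert.cell, ", ".join(alert.reasons))
```

The later LTE-to-UMTS change in the sample stays below the threshold because only one sign fires, which is the point of requiring several before alerting.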

A typical cell tower mounted on electric lines.

Dirtbox (DRT box)

A dirtbox is a device similar to a StingRay, usually mounted on aerial vehicles, that can mimic cell sites and also jam signals. The device uses an IMSI-catcher and is claimed to be able to bypass cryptographic encryption by getting IMSI numbers and ESNs (electronic serial numbers).

Tower dumps

A tower dump is the sharing of identifying information by a cell tower operator, which can be used to identify where a given individual was at a certain time. [7] [8] As mobile phone users move, their devices will connect to nearby cell towers in order to maintain a strong signal even while the phone is not actively in use. [9] [8] These towers record identifying information about cellphones connected to them which then can be used to track individuals. [7] [8]

In most of the United States, police can get many kinds of cellphone data without obtaining a warrant. Law-enforcement records show police can use initial data from a tower dump to ask for another court order for more information, including addresses, billing records and logs of calls, texts and locations. [8]

Targeted surveillance

Software vulnerabilities

Cellphone bugs can be created by disabling the ringing feature on a mobile phone, allowing a caller to call a phone to access its microphone and listen. One example of this was the group FaceTime bug, which enabled people to eavesdrop on conversations without calls being answered by the recipient.

In the United States, the FBI has used "roving bugs", which entail activating microphones on mobile phones to monitor conversations. [10]

Cellphone spying software

Cellphone spying software [11] is a type of cellphone bugging, tracking, and monitoring software that is surreptitiously installed on mobile phones. This software can enable conversations to be heard and recorded from phones upon which it is installed. [12] Cellphone spying software can be downloaded onto cellphones. [13] Cellphone spying software enables the monitoring or stalking of a target cellphone from a remote location with some of the following techniques: [14]

Cellphone spying software can enable microphones on mobile phones when phones are not being used, and can be installed by mobile providers. [10]

Bugging

Intentionally hiding a cell phone in a location is a bugging technique. Some hidden cellphone bugs rely on Wi-Fi hotspots, rather than cellular data, where the tracker rootkit software periodically "wakes up" and signs into a public Wi-Fi hotspot to upload tracker data onto a public internet server.

Lawful interception

Governments may sometimes legally monitor mobile phone communications, a procedure known as lawful interception. [15]

In the United States, the government pays phone companies directly to record and collect cellular communications from specified individuals. [15] U.S. law enforcement agencies can also legally track the movements of people from their mobile phone signals upon obtaining a court order to do so. [2]

Such invasive legal surveillance can change public behavior, directing our ways of communication away from technology-based devices.

Real-time location data

In 2018, the United States cellphone carriers that sell customers' real-time location data (AT&T, Verizon, T-Mobile, and Sprint) publicly stated they would cease those data sales because the FCC found the companies had been negligent in protecting the personal privacy of their customers' data. Location aggregators, bounty hunters, and others, including law enforcement agencies that did not obtain search warrants, used that information. FCC Chairman Ajit Pai concluded that carriers had apparently violated federal law. However, in 2019, the carriers were continuing to sell real-time location data. In late February 2020, the FCC was seeking fines on the carriers in the case. [16]

Occurrences

In 2005, the prime minister of Greece was advised that his mobile phone, along with those of over 100 dignitaries and the mayor of Athens, was bugged. [12] Kostas Tsalikidis, a Vodafone-Panafon employee, was implicated in the matter as using his position as head of the company's network planning to assist in the bugging. [12] Tsalikidis was found hanged in his apartment the day before the leaders were notified about the bugging, which was reported as "an apparent suicide." [17] [18] [19] [20]

Security holes within Signalling System No. 7 (SS7), called Common Channel Signalling System 7 (CCSS7) in the US and Common Channel Interoffice Signaling 7 (CCIS7) in the UK, were demonstrated at Chaos Communication Congress, Hamburg in 2014. [21] [22]

During the coronavirus pandemic Israel authorized its internal security service, Shin Bet, to use its access to historic cellphone metadata [23] to engage in location tracking of COVID-19 carriers. [24]

Detection

Some indications of possible cellphone surveillance may include a mobile phone waking up unexpectedly, using a lot of battery power when idle or not in use, clicking or beeping sounds during conversations, and the circuit board of the phone being warm despite the phone not being used. [30] [38] [47] However, sophisticated surveillance methods can be completely invisible to the user and may be able to evade detection techniques currently employed by security researchers and ecosystem providers. [48]

Prevention

Preventive measures against cellphone surveillance include not losing a mobile phone, not allowing strangers to use it, and protecting it with an access password. [13] [14] Another technique is turning off the phone and then also removing the battery when not in use. [13] [14] Jamming devices or a Faraday cage may also work, the latter obviating removal of the battery. [49]

Another solution is a cellphone with a physical (electric) switch or isolated electronic switch that disconnects the microphone and the camera without bypass, meaning the switch can be operated by the user only and no software can connect it back.

Related Research Articles

In radio communication, a transceiver is an electronic device which is a combination of a radio transmitter and a receiver, hence the name. It can both transmit and receive radio waves using an antenna, for communication purposes. These two related functions are often combined in a single device to reduce manufacturing costs. The term is also used for other devices which can both transmit and receive through a communications channel, such as optical transceivers which transmit and receive light in optical fiber systems, and bus transceivers which transmit and receive digital data in computer data buses.

Surveillance: Monitoring something for the purposes of influencing, protecting, or suppressing it

Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing, or directing. This can include observation from a distance by means of electronic equipment, such as closed-circuit television (CCTV), or interception of electronically transmitted information like Internet traffic. Increasingly, governments may also obtain consumer data through the purchase of online information, effectively expanding surveillance capabilities through commercially available digital records. It can also include simple technical methods, such as human intelligence gathering and postal interception.

A covert listening device, more commonly known as a bug or a wire, is usually a combination of a miniature radio transmitter with a microphone. The use of bugs, called bugging, or wiretapping is a common technique in surveillance, espionage and police investigations.

Wiretapping, also known as wire tapping or telephone tapping, is the monitoring of telephone and Internet-based conversations by a third party, often by covert means. The wire tap received its name because, historically, the monitoring connection was an actual electrical tap on an analog telephone or telegraph line. Legal wiretapping by a government agency is also called lawful interception. Passive wiretapping monitors or records the traffic, while active wiretapping alters or otherwise affects it.

Cell site: Communications equipment location

A cell site, cell phone tower, cell base tower, or cellular base station is a cellular-enabled mobile device site where antennas and electronic communications equipment are placed to create a cell, or adjacent cells, in a cellular network. The raised structure typically supports antennas and one or more sets of transmitter/receivers (transceivers), digital signal processors, control electronics, a GPS receiver for timing, primary and backup electrical power sources, and sheltering.

Mobile telephony: Provision of telephone services to phones

Mobile telephony is the provision of wireless telephone services to mobile phones, distinguishing it from fixed-location telephony provided via landline phones. Traditionally, telephony specifically refers to voice communication, though the distinction has become less clear with the integration of additional features such as text messaging and data services.

Secure communication is when two entities are communicating and do not want a third party to listen in. For this to be the case, the entities need to communicate in a way that is unsusceptible to eavesdropping or interception. Secure communication includes means by which people can share information with varying degrees of certainty that third parties cannot intercept what is said. Other than spoken face-to-face communication with no possible eavesdropper, it is probable that no communication is guaranteed to be secure in this sense, although practical obstacles such as legislation, resources, technical issues, and the sheer volume of communication serve to limit surveillance.

Intercom: Voice communications system for use within a local area

An intercom, also called an intercommunication device, intercommunicator, or interphone, is a stand-alone voice communications system for use within a building, small collection of buildings or portably within a small coverage area, which functions independently of the public telephone network. Intercoms are generally mounted permanently in buildings and vehicles, but can also be detachable and portable. Intercoms can incorporate connections to public address loudspeaker systems, walkie talkies, telephones, and other intercom systems. Some intercom systems incorporate control of devices such as signal lights and door latches.

Mobile phone tracking: Identifying the location of a mobile phone

Mobile phone tracking is a process for identifying the location of a mobile phone, whether stationary or moving. Localization may be effected by a number of technologies, such as the multilateration of radio signals between (several) cell towers of the network and the phone or by simply using GNSS. To locate a mobile phone using multilateration of mobile radio signals, the phone must emit at least the idle signal to contact nearby antenna towers and does not require an active call. The Global System for Mobile Communications (GSM) is based on the phone's signal strength to nearby antenna masts.

An international mobile subscriber identity-catcher, or IMSI-catcher, is a telephone eavesdropping device used for intercepting mobile phone traffic and tracking location data of mobile phone users. Essentially a "fake" mobile tower acting between the target mobile phone and the service provider's real towers, it is considered a man-in-the-middle (MITM) attack. The 3G wireless standard offers some risk mitigation due to mutual authentication required from both the handset and the network. However, sophisticated attacks may be able to downgrade 3G and LTE to non-LTE network services which do not require mutual authentication.

A GPS tracking unit, geotracking unit, satellite tracking unit, or simply tracker is a navigation device, normally on a vehicle, asset, person or animal, that uses satellite navigation to determine its movement and its WGS84 UTM geographic position (geotracking). Satellite tracking devices may send special satellite signals that are processed by a receiver.

Countersurveillance refers to measures that are usually undertaken by the public to prevent surveillance, including covert surveillance. Countersurveillance may include electronic methods such as technical surveillance counter-measures, which is the process of detecting surveillance devices. It can also include covert listening devices, visual surveillance devices, and countersurveillance software to thwart unwanted cybercrime, such as accessing computing and mobile devices for various nefarious reasons. More often than not, countersurveillance will employ a set of actions (countermeasures) that, when followed, reduce the risk of surveillance. Countersurveillance is different from sousveillance, as the latter does not necessarily aim to prevent or reduce surveillance.

Mobile phone: Portable device to make telephone calls using a radio link

A mobile phone, or cell phone, is a portable telephone that allows users to make and receive calls over a radio frequency link while moving within a designated telephone service area, unlike fixed-location phones. This radio frequency link connects to the switching systems of a mobile phone operator, providing access to the public switched telephone network (PSTN). Modern mobile telephony relies on a cellular network architecture, which is why mobile phones are often referred to as 'cell phones' in North America.

Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors (individuals, competitors, rivals, groups, governments, and others) in order to obtain personal, economic, political or military advantages. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.

Phone surveillance is the act of performing surveillance on phone conversations, location tracking, and data monitoring of a phone. Before the era of mobile phones, this used to refer to the tapping of phone lines via a method called wiretapping. Wiretapping has now been replaced by software that monitors the cell phones of users.

Stingray phone tracker: Cellular phone surveillance device

The StingRay is an IMSI-catcher, a cellular phone surveillance device, manufactured by Harris Corporation. Initially developed for the military and intelligence community, the StingRay and similar Harris devices are in widespread use by local and state law enforcement agencies across Canada, the United States, and in the United Kingdom. Stingray has also become a generic name to describe these kinds of devices.

2010s global surveillance disclosures: Disclosures of NSA and related global espionage

During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

Timeline of global surveillance disclosures (2013–present)

This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.

A dirtbox is a cell site simulator, a phone device mimicking a cell phone tower, that creates a signal strong enough to cause nearby dormant mobile phones to switch to it. Mounted on aircraft, it has been used by the United States Marshals Service since at least 2007 to locate and collect information from cell phones believed to be connected with criminal activity. It can also be used to jam phones. The device's name comes from the company that developed it, Digital Receiver Technology, Inc. (DRT), owned by the Boeing Company. Boeing describes the device as a hybrid of "jamming, managed access and detection". A similar device with a smaller range, the controversial StingRay phone tracker, has been widely used by U.S. federal entities, including the Federal Bureau of Investigation (FBI).

A microphone blocker is an adapter designed to prevent eavesdropping.

References

  1. Bott, Michael; Jensen, Thom (March 6, 2014). "9 Calif. law enforcement agencies connected to cellphone spying technology". ABC News, News10. Archived from the original on 24 March 2014. Retrieved 26 March 2014.
  2. Richtel, Matt (December 10, 2005). "Live Tracking of Mobile Phones Prompts Court Fights on Privacy" (PDF). The New York Times. Retrieved 26 March 2014.
  3. Valentino-DeVries, Jennifer (2011-09-22). "'Stingray' Phone Tracker Fuels Constitutional Clash". The Wall Street Journal. ISSN 0099-9660. Retrieved 2019-11-07.
  4. "New Records Detail How the FBI Pressures Police to Keep Use of Shady Phone Surveillance Technology a Secret". American Civil Liberties Union. Retrieved 2024-05-03.
  5. "5G Is Here—and Still Vulnerable to Stingray Surveillance". Wired. ISSN 1059-1028. Retrieved 2019-11-07.
  6. Grauer, Yael (2017-03-08). "WikiLeaks Says the CIA Can "Bypass" Secure Messaging Apps Like Signal. What Does That Mean?". Slate. Retrieved 2019-11-07.
  7. Williams, Katie Bo (2017-08-24). "Verizon reports spike in government requests for cell 'tower dumps'". The Hill. Retrieved 2019-11-07.
  8. Kelly, John (13 June 2014). "Cellphone data spying: It's not just the NSA". USA Today.
  9. "Giz Explains: How Cell Towers Work". Gizmodo. 21 March 2009. Retrieved 2019-11-07.
  10. McCullagh, Declan; Broache, Anne (December 4, 2006). "FBI taps cell phone mic as eavesdropping tool". CNET. Retrieved 30 August 2024.
  11. "Cell Phone Spying Software". Cell Phone Spying.
  12. Prevelakis, V.; Spinellis, D. (July 2007). "The Athens Affair". IEEE Spectrum. 44 (7): 26–33. doi:10.1109/MSPEC.2007.376605. S2CID 14732055. (subscription required)
  13. Segall, Bob (June 29, 2009). "Tapping your cell phone". WTHR13 News (NBC). Retrieved 26 March 2014.
  14. News report. WTHR News. (YouTube video)
  15. "The price of surveillance: US gov't pays to snoop". AP News. 10 July 2013. Retrieved 2019-11-11.
  16. "4 cellphone carriers may face $200M in fines for selling location data". Honolulu Star-Advertiser. 2020-02-27. Retrieved 2020-02-28.
  17. Bamford, James (29 September 2015). "Did a Rogue NSA Operation Cause the Death of a Greek Telecom Employee?". The Intercept. Retrieved 7 June 2017.
  18. "Story of the Greek Wiretapping Scandal - Schneier on Security". www.schneier.com. 10 July 2007. Retrieved 7 June 2017.
  19. "Software engineer's body exhumed, results in a month - Kathimerini". ekathimerini.com. Retrieved 7 June 2017.
  20. "Ericsson's Greek branch fined over wire-tapping scandal". thelocal.se. 6 September 2007. Retrieved 7 June 2017.
  21. Gibbs, Samuel (19 April 2016). "SS7 hack explained: what can you do about it?". The Guardian. Retrieved 7 June 2017.
  22. Zetter, Kim. "The Critical Hole at the Heart of Our Cell Phone Networks". Wired. Retrieved 7 June 2017.
  23. Cahane, Amir (2021-01-19). "The (Missed) Israeli Snowden Moment?". International Journal of Intelligence and CounterIntelligence. 34 (4): 694–717. doi:10.1080/08850607.2020.1838902. ISSN 0885-0607.
  24. Cahane, Amir (2020-11-30). "Israel's SIGINT Oversight Ecosystem: COVID-19 Secret Service Location Tracking as a Test Case". University of New Hampshire Law Review. Rochester, NY. SSRN 3748401.
  25. "Common security vulnerabilities of mobile devices - Information Age". information-age.com. 21 February 2017. Retrieved 7 June 2017.
  26. https://www.us-cert.gov/sites/default/files/publications/cyber_threats-to_mobile_phones.pdf
  27. Zetter, Kim. "Hackers Can Control Your Phone Using a Tool That's Already Built Into It - WIRED". Wired. Retrieved 7 June 2017.
  28. http://www.jsums.edu/research/files/2013/06/Cell-Phone-Vulnerabilities-1.pdf?x52307
  29. "Baseband vulnerability could mean undetectable, unblockable attacks on mobile phones". Boing Boing. 20 July 2016. Retrieved 7 June 2017.
  30. [13] [25] [22] [26] [27] [28] [29]
  31. Greenberg, Andy. "So Hey You Should Stop Using Texts for Two-Factor Authentication - WIRED". Wired. Retrieved 7 June 2017.
  32. "How to Protect Yourself from SS7 and Other Cellular Network Vulnerabilities". blackberry.com. Retrieved 7 June 2017.
  33. Beekman, Jethro G.; Thompson, Christopher. "Breaking Cell Phone Authentication: Vulnerabilities in AKA, IMS and Android". CiteSeerX 10.1.1.368.2999.
  34. "Security Vulnerabilities in Mobile MAC Randomization - Schneier on Security". www.schneier.com. 20 March 2017. Retrieved 7 June 2017.
  35. Newman, Lily Hay. "A Cell Network Flaw Lets Hackers Drain Bank Accounts. Here's How to Fix It". Wired. Retrieved 7 June 2017.
  36. Titcomb, James (26 August 2016). "iPhone spying flaw: What you need to know about Apple's critical security update". The Telegraph. Retrieved 7 June 2017.
  37. Perlroth, Nicole (25 August 2016). "IPhone Users Urged to Update Software After Security Flaws Are Found". The New York Times. Retrieved 7 June 2017.
  38. [31] [32] [33] [34] [35] [36] [37]
  39. Barrett, Brian. "Update Your iPhone Right Now". Wired. Retrieved 7 June 2017.
  40. Kelly, Heather (25 August 2016). "iPhone vulnerability used to target journalists, aid workers". CNNMoney. Retrieved 7 June 2017.
  41. Heisler, Yoni (8 March 2017). "Apple responds to CIA iPhone exploits uncovered in new WikiLeaks data dump". bgr.com. Retrieved 7 June 2017.
  42. "Current Activity - US-CERT". www.us-cert.gov. Retrieved 7 June 2017.
  43. Ivy. "Apple: iOS 10.3.1 fixes WLAN security vulnerabilities". cubot.net. Retrieved 7 June 2017.
  44. "iOS 10.3.2 arrives with nearly two dozen security fixes". arstechnica.com. 15 May 2017. Retrieved 7 June 2017.
  45. "NVD - Home". nvd.nist.gov. Retrieved 7 June 2017.
  46. "Apple users advised to update their software now, as new security patches released". welivesecurity.com. 16 May 2017. Retrieved 7 June 2017.
  47. [39] [40] [41] [42] [43] [44] [45] [46]
  48. Kröger, Jacob Leon; Raschke, Philip (2019). "Is My Phone Listening in? On the Feasibility and Detectability of Mobile Eavesdropping". Data and Applications Security and Privacy XXXIII. Lecture Notes in Computer Science. Vol. 11559. pp. 102–120. doi:10.1007/978-3-030-22479-0_6. ISBN 978-3-030-22478-3. ISSN 0302-9743.
  49. Steven, Davis (2024-02-17). "Notifications and Alerts?". JammerX. Retrieved 2024-05-17.