Mysterious Phony Cell Towers Could Be Intercepting Your Calls
Interceptors vary widely in expense and sophistication - but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. Whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor. The baseband processor functions as a communications middleman between the phone’s main O.S. and the cell towers. And because chip manufacturers jealously guard details about the baseband O.S., it has been too challenging a target for garden-variety hackers.
“The baseband processor is one of the more difficult things to get into or even communicate with,” says Mathew Rowley, a senior security consultant at Matasano Security. “[That’s] because my computer doesn’t speak 4G or GSM, and also all those protocols are encrypted. You have to buy special hardware to get in the air and pull down the waves and try to figure out what they mean. It’s just pretty unrealistic for the general community.”
But for governments or other entities able to afford a price tag of “less than $100,000,” says Goldsmith, high-quality interceptors are quite realistic. Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured devices like the VME Dominator, available only to government agencies, can not only capture calls and texts, but even actively control the phone, sending out spoof texts, for example. Edward Snowden revealed that the N.S.A. is capable of an over-the-air attack that tells the phone to fake a shut-down while leaving the microphone running, turning the seemingly deactivated phone into a bug. And various ethical hackers have demonstrated DIY interceptor projects, using a software programmable radio and the open-source base station software package OpenBTS - this creates a basic interceptor for less than $3,000. On August 11, the F.C.C. announced an investigation into the use of interceptors against Americans by foreign intelligence services and criminal gangs.