IMSI Catchers

During this week, we were conducting online research. During the task I found an interesting article in the Le Parisien about a vehicle being stopped by authorities in Paris/France near a metro station, 30/12/22. On searching the vehicle, the police found several mobile phones and a small white box with multiple antennae on the back seat. The box had a wire that ran through the seat to a crate in the boot. The discovery resulted in the bomb squad being called out.

On further investigation the device was confirmed to be a professional yet outdated ‘IMSI-catcher’ (IC). An IC is a piece of technology which can be used to locate/track mobile phones that are working/receiving a signal in a particular area, an IC mimics a mobile phone tower. The IC tricks a phone and connects to it like a regular mobile-network, making it easy to access details without approval/knowledge. ICs are used as ‘man-in-the-middle attacks’ similar to a WIFI-Pineapple. Once connected an IC can obtain the Int-Mobile-Subscriber-Identity (IMSI) number, a unique number used to identify a specific user on a network. In addition to the IMSI number it can also access the Int-Mobile-Equipment-Identity (IMEI) number, a unique identifier for cellular/satellite phones. Once the IC authenticates a device it can intercept all traffic from that device.

The utility of ICs in a law enforcement context to locate/track mobile phones, intercept text messages, calls and other data to combat crime is controversial due to privacy concerns, and following a tribunal ruling (2020), police in England/Wales can refuse to confirm or deny whether they use IC’s. In my experience and when I was writing applications, the use of ICs in the UK is governed by the Regulation of Investigatory Powers Act (RIPA) 2000 as it is considered covert surveillance and the police will need exceptional evidence to get the authority to use the equipment.

The article in Le Parisien poses the question of how this equipment is regulated/used worldwide. As a former police officer IC’s can assist the police/intel agencies in identifying criminal activity and in my opinion the police should be able to use such tools IF authorised. However, the counter argument made by our Director Cyber Security & Electronic Counter Measures was that the practical use of IC’s is difficult to use in a targeted way. Like all radio antennas, IC’s collect a lot of mobile-traffic/data most of which belongs to people who are not suspected of any criminal activity.

Whilst it’s not for us to confirm/deny the use of IC’s by law enforcement agencies, there are clearly arguments for (catch criminals) and against (privacy). In regard to the Paris incident clearly there was relief it wasn’t a bomb. BUT who was driving around with an IC collecting data and for what purpose? We’d be interested in your thoughts.

Valkyrie Updates

News

Stay informed with the latest insights, expertise and innovations in the world of security with Valkyrie’s news, reports and white papers