Mystery of the Android attack towers

Here’s a little high-tech ghost story to give you chills, just in case you weren’t already freaked out enough by the Nude Celebrity Hack, or the possible theft of a large trove of credit card numbers from Home Depot:

Typical smartphones have a number of potential data insecurities, caused by their constant efforts to connect with various networks, and the way they keep most of their background activities conveniently hidden from the user.  We just want the things to work.  We don’t want our phone screens covered with impenetrable technobabble explaining exactly what the phone is doing at any given moment.

A company called ESD America decided to create a truly secure cell phone, dubbed the CryptoPhone 500, which combines heavy encryption of all communications with a reported 468 fixes to security flaws in the stock Android smartphone operating system.  Among its other features, the CryptoPhone 500 warns users when it detects suspicious network activity or active efforts to hack into it.  If you’re getting the impression these babies don’t come cheap, you’re right – they cost about $3500.  ESD America says it can’t make them fast enough to keep up with demand.

Guess what happened when a bunch of people with these “armored” smartphones started tooling around America and sniffing for security vulnerabilities?  Popular Science reports they discovered quite a few phony cell phone towers – possibly mobile installations – which were designed to attack smartphones that came into range:

To show what the CryptoPhone can do that less expensive competitors cannot, [ESD America CEO Les Goldsmith] points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone. (The map below is from August.)  Interceptors look to a typical phone like an ordinary tower.  Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device.

“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says.  “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip.  We even found one at South Point Casino in Las Vegas.”

Holy cow.  Let us pause to take due account of the fact that Goldsmith has incentives to hype the dire security situation facing “soft” smartphone users, to boost sales of his expensive product to well-heeled people with paranoid inclinations.  Let us also observe that the CryptoPhone 500 could be misinterpreting the signals it is receiving, or the users could be misunderstanding what their complex devices are trying to tell them.

Having said that, Popular Science and some other sources I’ve read on the subject sound fairly confident that the interceptor towers are a real phenomenon, and the CryptoPhones are accurately detecting them.  ESD America tested the detection capabilities of its phones by driving them past U.S. government facilities known to have cell phone interception technology, which must have made for some lively afternoons.

Who’s running these interceptors?  They turn out to be complex and expensive pieces of equipment, so it’s probably not a bunch of basement hackers fooling around, although it has been demonstrated that basic cell phone interceptors can be cobbled together for only a few thousand dollars.  Goldsmith is pretty sure it’s the government, but he’s not entirely sure which one:

“What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.  So we begin to wonder – are some of them U.S. government interceptors?  Or are some of them Chinese interceptors?” says Goldsmith.  “Whose interceptor is it?  Who are they, that’s listening to calls around military bases?  Is it just the U.S. military, or are they foreign governments doing it?  The point is: we don’t really know whose they are.”

As Popular Science notes, just a few weeks ago the FCC opened an investigation into “the use of interceptors against Americans by foreign intelligence services and criminal gangs.”  Speaking of foreign intelligence services, the smartphone security environment is even more hostile in certain authoritarian regions overseas.  As one security consultant quoted by Popular Science put it, “I’m not bringing anything into China that I’m not willing to throw away on my return trip.”

Evidently normal phones take virtually no account of attacks from these phony cell phone towers; the most you’re likely to see, if you happen to be looking at your phone at precisely the right moment, is a brief downgrade from the usual 4G data service to one of the older, slower network protocols, such as 2G.  That’s because the interceptors work by tricking phones into using those older, less secure protocols.  Once you’ve read up on these mysterious interceptors, you’ll feel a little chill every time you see the status indicators in your phone’s toolbar do something weird.
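
The downgrade indicator described above can be written as a check over a phone's network-type log. This is an added illustration, not code from ESD America or Popular Science: it flags a drop from 4G straight to 2G that returns to 4G within a short window. The log format, the technology-name table and the two-minute threshold are assumptions, and the sample log is constructed.

```python
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <radio access technology>" per line.
SAMPLE_LOG = """\
2014-09-03T10:00:00 LTE
2014-09-03T10:05:00 LTE
2014-09-03T10:05:40 GSM
2014-09-03T10:06:30 LTE
2014-09-03T11:00:00 UMTS
2014-09-03T11:20:00 EDGE
2014-09-03T12:10:00 LTE
"""

# Assumed mapping from technology name to network generation.
GENERATION = {"GSM": 2, "GPRS": 2, "EDGE": 2, "UMTS": 3, "HSPA": 3, "LTE": 4}


def parse(log):
    """Return [(timestamp, generation)], skipping blank or unknown lines."""
    samples = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        gen = GENERATION.get(parts[1].upper())
        if gen is not None:
            samples.append((datetime.fromisoformat(parts[0]), gen))
    return samples


def brief_downgrades(samples, max_duration=timedelta(minutes=2)):
    """Flag 4G -> 2G drops that return to 4G within max_duration."""
    events = []
    start = None      # when the phone fell from 4G directly to 2G
    prev_gen = None
    for ts, gen in samples:
        if gen == 2 and prev_gen == 4:
            start = ts
        elif gen != 2 and start is not None:
            if gen == 4 and ts - start <= max_duration:
                events.append((start, ts))
            start = None
        prev_gen = gen
    return events


if __name__ == "__main__":
    for began, ended in brief_downgrades(parse(SAMPLE_LOG)):
        print(f"brief 2G downgrade: {began} -> {ended} ({ended - began})")
```

Ordinary coverage gaps produce the same pattern, so a hit is a reason to look closer, not proof of an interceptor.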

