IMSI catchers in Ottawa – Canadian Government Executive

NEWS

SEARCH

SecurityTechnology
April 18, 2017

IMSI catchers in Ottawa

International Mobile Subscriber Identity (IMSI) catchers, often referred to by the brand name StingRay, exploit this weakness in the GSM specification to impersonate base stations.

CBC deserves full credit for exposing the presence of IMSI catchers in Ottawa. While this is only the beginning of the story, Canadians are starting to ask the right questions. Who is spying, why, and what are Canadian authorities doing about it?

Mobile devices (including phones, tablets, and 3G/LTE mobile hotspots) authenticate to the network, but there is no mechanism for mobile devices to authenticate the base station, making the entire system susceptible to classic man-in-the-middle (MITM) attacks. International Mobile Subscriber Identity (IMSI) catchers, often referred to by the brand name StingRay, exploit this weakness in the GSM specification to impersonate base stations. While Canadian agencies are only starting to admit owning the devices, they have existed since at least 2003, and range from high-power units suitable for fixed and mobile installations to concealed body-worn devices.

Surveillance device manufacturers are secretive about their products and features, but in general these devices are capable of metadata and content interception, as well denial of service and data modification attacks. Once a mobile device connects to an IMSI catcher (or any other base station), it obtains the mobile device’s IMSI, a unique global identifier.

In a simple scenario, an IMSI catcher can be used to identity mobile phones. By capturing data over time, individuals can be profiled. For example, by placing an IMSI catcher in range of Parliament Hill, a foreign intelligence agency could easily build a list of IMSIs regularly seen in the area. Combining that data with additional information, such as the House of Commons and Senate calendars, would make it possible to identify devices carried by Ministers, Members of Parliament, Senators, and their staff.

Once identified, mobile devices and the individuals who carry them can be effectively targeted. This could take the form of telephone call and mobile data interception. Other IMSI catchers could also be used to detect when targets enter a different location, and foreign intelligence agencies could leverage telephone networks to track targets.

Some IMSI catchers may be used to only collect IMSIs, but that approach is more problematic than it may appear. When a mobile phone is connected to an IMSI catcher without the ability to forward data to the real mobile network, mobile service is interrupted. This may alert targets, and has the potential to create serious public safety issues; calls to 911 would fail. This approach can also be used to disrupt communications and impact emergency response.

More sophisticated surveillance devices include the ability to forward outbound calls. Because base stations control encryption algorithm selection, they can force mobile phones to use no encryption or a weak algorithm. This allows calls to be intercepted, recorded, and forwarded on to the real telephone network. It is also trivial to selectively redirect outbound calls, SMS, and Internet communications to a different destination. Some products also incorporate direction finding functionality.

There is no legitimate need for IMSI catchers in Canada. While law enforcement agencies may disagree, the indiscriminately wide net cast by these devices creates serious privacy and public safety concerns. Rather than spoofing base stations, law enforcement should seek appropriate judicial approvals and obtain information directly from telephone network providers.

Back in 2006, Mark Klein, a former AT&T technician, exposed the telecom’s Internet surveillance cooperation with the NSA. This certainly impacted Canadian Internet communications, much of which still flows via the USA. More recently, Edward Snowden leaked classified information pertaining to surveillance operations of the NSA and US allies, including Canada. Even the Canadian Security Intelligence Service (CSIS) has issued public warnings related foreign government interference in Canada. Canadians must take a more active role in protecting themselves, their businesses, and their country.

It should be obvious to even casual observers that Canada is a target of foreign surveillance. Considering the concentration of politicians, senior bureaucrats, and embassies in the nation’s capital, the presence of IMSI catchers in Ottawa is hardly a surprise.

About this author

Eric Jacksch

Eric Jacksch

Eric Jacksch is a leading cybersecurity analyst with over 20 years of practical security experience. He has consulted to some of the world's largest banks, governments, automakers, insurance companies and postal organizations. Eric is a regular columnist for IT in Canada and was a regular columnist for Monitor Magazine and has contributed to several other publications.

0 comments

There are no comments for this post yet.

Be the first to comment. Click here.

Security
 
Facebook Pages can be an essential tool for businesses and charities,...
 
Cybersecurity professionals have sounded the alarm for years, and they are...
 
CBC deserves full credit for exposing the presence of IMSI catchers...
 
Security professionals have an obligation to communicate risks and recommendations to...
 
Over the decades, technology has been grafted into governments around the...
 
In this episode, J. Richard Jones talks about being candid about...
 
Criminals have reportedly threatened to take over 250 million Apple accounts...
 
In this episode, hear more about how Canada is a prime...
 
While the incoming administration of President-elect Donald Trump is being buffeted...
 
In the world that we are living in today, free and...
 
The RCMP adopted a new media strategy earlier this month by...
 
What would tomorrow’s cybersecurity look like? That’s an intriguing question to...
 
Terrorism operates with deadly regularity. In June 2016, a gunman who...
 
Just as the federal government has begun consultations on cyber security,...
 
Efforts by the government to counter the radicalization of young Canadians...
 
Canadian healthcare organizations and businesses in the financial industry are the...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
The challenge is clear: a fast-paced industry pressures organizations to simultaneously...
 
As populations grow and age, the demand for services increases. As...
 
By Michael Murphy Not all assets can and should be equally...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
As the battle between the FBI and Apple continues to escalate,...
 
Please to view this Content. (Not a member? Join Today! )...
 
Meet Bob Heart.  He is an outstanding employee who works hard...
 
A new study released yesterday, Securing the C-Suite, Cybersecurity Perspectives from...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Yesterday, Ontario Supreme Court Justice John Sproat ruled that the Peel...
 
I wrote about accountability more than a year ago. Recently, a...
 
Intelligence agencies have had widespread and long-running programs to gather, analyze...
 
What concerns me is whether or not we’ve got the balance...
 
One of the consequences of the Information Age in which we...
 
In March of 2011, the east coast of Japan was rocked...
 
BYOD is hot! But is it for you? If yes, which...
 
Protecting critical infrastructure from cyber threats is the shared responsibility of...
 
In numerous interviews with senior military commanders over the past several...
 
In early February, James R. Clapper, the U.S. director of national...
 
The widespread adoption of mobile devices as enterprise-level tools is occurring...
 
CGE Vol.13 No.2 February 2007 Public security, once a task relegated...
 
CGE Vol. 14 No.4 April 2008 In recent years, policy makers...
 
L’univers de la sécurité des TI évolue rapidement. À mesure que...
 
The world of IT security is rapidly evolving. As quickly as...
 
Cyber attacks don’t have to look highly sophisticated. Hackers are purposely...
 
The announcement regarding the establishment of Shared Services Canada (SSC) was...
 
There was probably a day in spring of AD 72 that...
 
The changing face of public and personal privacy in the face...
 
What role should governments and public servants play in safeguarding personal...
 
Some title Some author
Some excerpt
Facebook Pages can be an essential tool for businesses and charities,...

Member Login

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.