CHAPTER 4: TECHNOLOGY
New capabilities
IMSI catchers
4.72.
Interception capabilities in relation to mobile phones are considerable, due to the
increasing sophistication of devices called IMSI catchers or IMSI grabbers.98 These
devices intercept signals between a mobile phone and a mobile phone base station,
by mimicking the mobile phone base station.
4.73.
The capabilities of the devices vary considerably. Some collect IMSI and International
Mobile Station Equipment Identity numbers of mobile phones within the range of the
device. These unique identifying data can then be used to identify the owner of the
mobile phone. More sophisticated devices have the ability to intercept outgoing calls
and text messages. Some can even alter the content of a text message and block
calls. The most sophisticated devices can deploy malware.
4.74.
Reports suggest that the devices have been attached to aeroplanes,allowing collection
over a wide area. They are sold on the open market for as little as £100, and bodyworn versions are available.99
4.75.
Rather more simply, man-in-the-middle attacks using WiFi are now commonplace.
Access Point names may be duped, and both data and metadata collected easily.
Demonstrations of such systems in use are often given at security events to reveal
how vulnerable most people are around WiFi and mobile devices.100 Software and
techniques for extracting WiFi passwords is also widely available.
Geotime
4.76.
It was reported in 2011 that Geotime software had been purchased by the Metropolitan
police. This is said to aggregate information gathered from social networking sites,
GPS devices like mobile phones, financial transactions and IP network logs to build a
detailed picture of an individual’s movements.
Location data
4.77.
98
99
100
Advances in technology have not only increased the opportunities for
SIGINT. Surveillance methods have also become more sophisticated. For example,
it has been seen that location data can be tracked by intercepting mobile phone
towers. However, the advent of Google Maps means such information can also be
obtained by intercepting Google Map queries on phones. According to a leaked GCHQ
Brand names for these devices include DRTboxes and Stingrays. The existence of safeguards against
the misuse of these devices by police and other public authorities was the subject of a written question
in the House of Lords at the end of 2014. The response given was that investigative activity involving
interference with property or wireless telegraphy is regulated by the Police Act 1997 and the Intelligence
Services Act 1994 [ISA 1994]: Hansard HL 11 November 2014 Written Answers col 24.
See S.K. Pell and C. Soghoian, “Your Secret Stingray’s no Secret Anymore: The Vanishing Government
over Cell Phone Surveillance and its impact on National Security and Consumer Privacy”, (2014)
Harvard Journal of Law and Technology, Vol 28, No 1.
How to hack Wifi | Evil Twin Access Point | Man in the Middle Attack | MITM |
(https://www.youtube.com/watch?v=aIyKZuxNRnk).
68