Øyvind Stensby and Aleksander Gorkowienko
29 December 2014
To read the Norwegian article in full, click here.
PA’s Aleksander Gorkowienko, a cyber security expert, and Øyvind Stensby, an IT expert, have had a byline article published in Digi.no that looks at how International Mobile Subscriber Identity (IMSI) catchers capture sensitive information.
This article is written following a story by Aftenposten, Norway's largest newspaper, about how the country’s Prime Minister and members of parliament were being monitored by secret espionage equipment.
The article states the main problem is that such devices can easily be based on common mobile components or other low-cost radio equipment. This means anyone with the technical skill may be able to capture what people say. Moreover, there are a plethora of instructions online which detail how to build passive GSM-based monitoring units. As a result, it is not just agents who conduct classical security or industrial espionage – it might be the press or ‘hacktivists’ in their various forms.
To avoid such monitoring, the authors advise network providers to consider how IMSI is sent in the network: “TMSI should be used instead. This prevents the subscriber being identified and there are several apps and software that alerts the user when there is no encryption.”
The authors also highlight an interesting open source project called Android IMSI Catcher Detector, which aims to detect and avoid false base stations (IMSI catchers), and other base stations with poor or no encryption. The project will warn users if the encryption is turned off, but until this is in operation, the authors advise focusing on security processes regarding the use of mobile communications: “Governments should consider frequently changing SIM card and phones, and the phone must be switched off and placed outside meeting rooms where important decisions are taken.
“We can only hope that communication solutions for patient data and other upcoming critical projects take account of the new threat. The use of IMSI catchers and other ‘man in the middle’ attacks on communications are here to stay, and businesses and governments must take this into account when new projects are planned.
“Until the security is in place, adopt to the security moto from the Norwegian Defense – ‘if you don’t say anything which may compromise information, no one will get the information.’”