In context: Cell-site simulators (CSS), commonly known as stingrays or IMSI catchers, are tools that law enforcement and governments use for various warranted tasks, including tracking phone locations, intercepting communications, espionage, and installing malware. Unfortunately, criminals can also use cell-site simulators.
Using a CSS involves creating a fake 2G cell tower and tricking the target phone into connecting. Every major carrier in the U.S. except T-Mobile has disabled its 2G and 3G networks, though T-Mobile plans to do so in April 2024.
However, all mobile devices can connect to 2G and 3G towers because many countries still have active 2G networks. Some developing nations rely solely on the old standard. Therefore, manufacturers choose not to remove the capability, since doing so could leave portions of their user base without service.
In 2021, Google introduced an optional feature for Android devices to turn off the ability to connect to 2G networks. However, almost all third-party Android manufacturers don’t implement the feature. The most notable is Samsung, which has no plans to enable this function. Apple has also neglected the issue for the past few years. However, iOS 17 introduces Lockdown Mode, which prevents iPhones from connecting to insecure 2G towers.
Google’s protective measures against CSS attacks go even further by stopping the device from using “null ciphers.” Usually, connections with cell towers are fully encrypted with a “symmetric cipher,” but connections using null ciphers are not encrypted at all. They’re typically used by technicians performing network testing. Phones also generate null ciphers for 911 calls if the SIM is damaged or missing. Unfortunately, since data is not encrypted with a null cipher, a hijacker using a stingray can take advantage of null ciphers and intercept any data from the connected device, such as messages, calls, and internet traffic.
Unless you specifically need 2G connectivity, it might be a good idea to disable the feature if your device allows it. Users on iOS might want to consider enabling Lockdown Mode. However, Lockdown Mode does much more than just block 2G connections. It was designed to protect journalists, government officials, and other high-profile targets who could fall victim to state-sponsored attacks. So you may have to decide whether the additional restrictions are worth it.
As for Android users, only those on a Pixel 6 or newer can disable 2G services. Until third-party Android manufacturers take advantage of Google’s measures, other Android devices will remain vulnerable to CSS attacks.