In context: Cell-site simulators (CSS), commonly known as stingrays or IMSI catchers, are tools law enforcement and governments use for various warranted tasks, including tracking phone locations, intercepting communications, espionage, and installing malware. Unfortunately, criminals can also use cell-site simulators.
Using a CSS involves creating a fake 2G cell tower and tricking the target phone into connecting. Every major carrier in the U.S. except T-Mobile has disabled its 2G and 3G networks, though T-Mobile plans to do so in April 2024.
However, all cellular devices can connect to 2G and 3G towers because many countries still have active 2G networks. Some developing countries rely solely on the old standard. Therefore, manufacturers choose not to remove the capability, since doing so could leave portions of their user base without service.
In 2021, Google introduced an optional feature for Android devices to turn off the ability to connect to 2G networks. However, almost all third-party Android manufacturers don’t implement the feature. The most notable is Samsung, which has no plans to enable this function. Apple has also neglected the issue for the past few years. However, iOS 17 introduces Lockdown Mode, which prevents iPhones from connecting to insecure 2G towers.
Google’s protective measures against CSS attacks go even further by preventing the device from using “null ciphers.” Usually, connections with cell towers are fully encrypted with a “symmetric cipher,” but null ciphers are not encrypted in any way. They’re typically used by technicians performing network testing. Phones also generate null ciphers for 911 calls if the SIM is damaged or missing. Unfortunately, since data is not encrypted with a null cipher, a hijacker using a stingray can take advantage of null ciphers and intercept any data from the connected device, such as messages, calls, and internet traffic.
Unless you specifically need 2G connectivity, it may be a good idea to disable the feature if your device allows it. Users on iOS might want to consider enabling Lockdown Mode. However, Lockdown Mode does much more than just block 2G connections. It was designed to protect journalists, government officials, and other high-profile targets who could fall victim to state-sponsored attacks. So you may have to decide whether the additional restrictions are worth it.
As for Android users, only those on a Pixel 6 or newer can disable 2G services. Until third-party Android manufacturers take advantage of Google’s measures, other Android devices will remain vulnerable to CSS attacks.