Phony Cell Towers Could Be Intercepting Your Data

Illustration for article titled Phony Cell Towers Could Be Intercepting Your Data

You wouldn't know an interceptor from an ordinary cellphone tower, there's no way you can. Except that when your phone connects to one, a variety of over-the-air attacks become possible—everything from eavesdropping to pushing spyware on the device. It all happens stealthily, silently.


It turns out that there are way more interceptors in the United States than anyone had previously thought. Les Goldsmith, the CEO of ESD America, the company that makes the super-secure CryptoPhone 500, found 17 phony towers around the U.S. in July alone. No one knows for sure who's running them, Goldsmith tells Popular Science.

"What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases. So we begin to wonder – are some of them U.S. government interceptors? Or are some of them Chinese interceptors?" he says. Here's how interceptors exploit your smartphones:

[Interceptors] are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. Whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor. The baseband processor functions as a communications middleman between the phone's main O.S. and the cell towers. And because chip manufacturers jealously guard details about the baseband O.S., it has been too challenging a target for garden-variety hackers.


To test his company's secure phone against interceptors, Goldsmith drove past a certain government facility in the Nevada desert, where the CryptoPhone "lit up like a Christmas tree", while his iPhone and Samsung Galaxy S4 showed no signs of being intercepted at all. A telltale sign of being intercepted was that the CryptoPhone was forced down from 4G to 2G, a much older protocol that is easier to decrypt in real-time.

So do you need a CryptoPhone to protect yourself? Popular Science says that if you're not realistically of any interest to the U.S. government and never leave the country, you probably don't. Indeed, the CryptoPhone's primary customers are executives who do business in Asia, according to Goldsmith. Also, a single CryptoPhone costs $3,500, so even if you are freaking out, it's not exactly an impulse buy. [Popular Science]

Top image: Shutterstock

Share This Story

Get our newsletter



Dumb questions, but in CT, you can't put up a tower without going through the appropriate regulatory hurdles. If these interceptor towers are on military bases, then it makes sense that they've been able to skirt the process. Are these specific towers, or individual components on existing towers? It would seem far easier to place specific intercepting components on, say, and existing AT&T tower than plan, construct, and maintain an individual intercepting tower. Especially considering the complacency of telecoms with NSA "requests."