When I first heard about the "fake cell phone tower", I thought to myself, hold on. Got something like "fake" cellular towers? ! ? Why would anyone want or use fake cell phone towers?
Pa, odgovorite na ova pitanja: Da, postoji mnogo lažnih tornjeva za mobilne telefone širom svijeta jer mogu prikupiti mnogo ličnih podataka o vama i vašem pametnom telefonu. Jedan od najgorih delova, ni vi ni vaš telefon nećete znati da se to dešava. Užasno, znam.
As with most technologies, "fake/rogue/unregistered" cellular towers can be used for valid or malicious purposes. However, for better or worse, we should all be aware of and pay attention to this growing data interception.
Šta je lažni toranj
First of all, fake cell phone towers have many different names: Stingray, Dirtbox, IMSI Catcher, etc. The government purchased fake towers from large contract organizations such as Boeing and Harris Corporation for hundreds of thousands of dollars. However, the fake tower can be made and used effectively, and the price is less than one thousand US dollars. The more you spend, the greater your ability and scope, but the key is that you can start invading people's lives with the least investment.
Secondly, fake cell phone towers perform similar tasks, deceiving phones (or other cellular-enabled devices) to connect by broadcasting stronger signals than other surrounding cell towers. Smartphones are designed to connect to the strongest signal available to reduce power limitations and optimize the user experience. Therefore, if the fake tower broadcasts a stronger signal than the legitimate tower, your phone will automatically switch-creating a perfect "man-in-the-middle attack"-to collect data from the phone before transferring you to the legitimate tower. You never know it even happened.
Ovo je vizuelni efekat njegovog principa rada:
Now that you understand how fake towers work, let's take a look at what they can collect.
Šta mogu lažni stubovi za mobilne telefone
As we outlined, if you connect to a fake tower, it's between your smartphone and the legitimate tower that collects data. This usually includes eavesdropping on conversations. Dialogues between potential criminals, business dialogues, and even sensitive government dialogues.
Čak i ako niste u razgovoru kada je vaš telefon povezan, toranj će i dalje prikupljati sve podatke koji prolaze kroz njega; SMS tekstualne poruke, emailovi, podaci aplikacija itd.
The fun doesn't stop there. Even if you do not make a call or transmit any data, fake cell towers can actively attack your smartphone, insert malicious code, and fundamentally control your phone. Therefore, even if you disconnect from the fake tower, the installed malware will continue to transmit data about you and your activities. This is called a remote radio frequency hacking and is very worrying.
Kolika je vjerovatnoća da se povežete na lažni toranj?
Povezivanje na lažni toranj će se razlikovati od osobe do osobe, ali ako živite u velikom gradu ili putujete u inostranstvo, izloženi ste većem riziku.
First, from publicly available information, Stingrays is being used all over the United States. This secret technology is only legally available to the government, and they don't need to report when it was purchased, used, or how it was used.
Second, if someone has the technical prowess and doesn't care about breaking the law, then a simple online guide can be used to create a fake tower. These "fake" towers will enable attackers to collect and learn a lot of sensitive personal and professional information from people connected to their towers. If someone clicks on your smartphone, you can make your brain frantically process all the information that may be collected. Commercial information, legal discussions, political opinions (yes, the country knows your political opinions on the phone), and personal information may be used for blackmail (parenting, children's social comments, etc.).
Treće, korištenje lažnih tornjeva je igra brojeva, jer želite ići tamo gdje većina ljudi živi i putuje. Lažne kule se obično postavljaju u uska grla kao što su aerodromi gdje ih svaki dan posjećuju mnogi ljudi. Međutim, prema izvještajima, lažni tornjevi su također postavljeni na letjelicu, pružajući sakupljačima podataka širu tačku gledanja.
Hoće li me zaštititi moj telefon ili država?
I hope you haven't thrown your phone out the window, and yelled and blasphemed! But it does get worse.
Prvo, kao što smo spomenuli, nikada nećete znati da li posjedujete ili se povezujete na lažni toranj, ili da li je vaš telefon napadnut (neznanje je blaženstvo!). Pametni telefoni su komercijalni uređaji i nemaju napredne sigurnosne značajke za identifikaciju, upozoravanje i sprječavanje naprednih napada (kao što su lažni tornjevi).
Drugo, gotovo da nema nadzora nad korištenjem i praćenjem ove tehnologije. Da, vlada ima određenu unutrašnju kontrolu nad načinom korištenja ovih uređaja za prikupljanje podataka, ali ništa ne može zaustaviti kriminalce. Vlada ne traži njihov signal, kao ni telekomunikaciona kompanija. Stvar je u tome da zlonamjerni akteri u blizini vašeg doma ili ureda možda koriste ovu tehnologiju i slabo prepoznaju aktivnost. Stoga, osim ako ne želite da potrošite milione dolara na kupovinu naprednog sistema koji prepoznaje zlonamerne signale tornja mobilnog telefona ili da napravite kućni komplet, svi čekamo snažan zlonamerni signal za povezivanje naših pametnih telefona.
Šta mogu učiniti da se zaštitim?
Iako je lažni toranj vrlo skriven i vrlo nametljiv, postoje koraci koje možete poduzeti da poboljšate sigurnost.
Prije svega, dajte sebi do znanja da su rizici najbolji način za odbranu od lažnih tornjeva za mobilne telefone. Znanje je moć, a budnost na potencijalne prijetnje pomoći će zaštiti vaše lične sigurnosti.
Second, reduce or eliminate your RF signal. Simple, free solutions, such as turning off your cell phone when crossing a traffic artery, are a good start. For example, please turn off your mobile phone when you arrive and pass through the airport, especially the international terminal. But keep in mind that turning the phone "off" will only reduce its RF signal, and will not 100 percent avoid attacks. If you need additional protection, you can purchase an RF shielding solution, such as our Privoro Privacy Guard, to eliminate all RF radiation from your mobile phone. Please note that if you purchase an RF solution, you will need at least 110 dB of RF attenuation to effectively avoid false towers. There are many solutions that claim to do the job, so research before buying anything.
3. Šifrirajte sve važne podatke; datoteke, internet saobraćaj i vaš telefon. Šifriranjem podataka napadačima će biti teže razumjeti podatke koje prikupljaju. Koristite jednostavna rješenja kao što su VPN klijenti (ne koristite besplatnu verziju), sveprisutni HTTPS i aplikacije kao što je Signal za šifrirane pozive. Nijedno od ovih rješenja neće zaštititi vaš telefon ili vas od metka, ali će podići barijere za ulazak.
The last point of this article is to stay vigilant and consider what you discuss and send via cell phone towers. As you learned today, whether legal or illegal, someone may extract information from your phone, conversation, and surrounding environment without your knowledge. You never know whether the information was captured by a third party, and the third party may use the data for their benefit or at your expense. Our "always connected" technological lifestyle can be easily read and "always monitored". Stay safe there.
