In September 2019, the IMSI catchers discovered in Washington, D.C. two years earlier were attributed to Israel, shining a light on the prevalence of these types of spying devices. IMSI catchers were once used solely by law enforcement as a way of finding the international mobile subscriber identity (IMSI) linked to a criminal suspect’s SIM card for investigative purposes; now just about anyone can acquire or build one to intercept a target’s communications. With such low barriers to entry, it’s no longer just the bad guys who need to be worried about these devices.
At a basic level, an IMSI catcher – also known as a cell-site simulator, fake cell tower, rogue base station, StingRay or dirtbox, to name a few of its many descriptors – consists of two main parts: a radio frontend for sending and receiving radio waves and a network backend for simulating a cellular core network. Today, anyone with a software-defined radio (SDR) and a computing device running an open-source base station program (like OpenBTS) can effectively operate an IMSI catcher.