Pierluigi Paganini
December 12, 2016
A couple of years ago I published a post on Stingray Technology trying to explain how governments track cellular devices.
A StingRay is an IMSI-catcher (International Mobile Subscriber Identity) designed and commercialized by the Harris Corporation. At the time of the article, the cellular surveillance system was costing as much as $400,000 in the basic configuration, and its price varied with add-ons ordered by the agency.
The IMSI-catcher is a surveillance solution used by military and intelligence agencies for telephone eavesdropping. It allows for intercepting mobile phone traffic and tracking movements of mobile phone users. Essentially, an IMSI catcher operates as a bogus mobile cell tower that sits between the target mobile phone and the service provider’s real towers. The IMSI catcher runs a Man In the Middle (MITM) attack that could not be detected by the users without using specific products that secure communication on mobile devices.
The use of the IMSI-catcher is raising a heated debate in the United States because devices like StingRay and other similar cellphone tracking solutions are being widely adopted by law enforcement agencies across the country.
StingRay allows law enforcement to intercept calls and Internet traffic, send fake texts, inject malware on a mobile device, and to locate the targets.
Now Curtis Waltman from Motherboard published an interesting blog post which provided further details on the cost of the StingRay phone surveillance tool.
Waltman published data provided by the Rochester Police Department in New York that responded to the Cell Site Simulator Census, an initiative that census the cellphone surveillance equipment use and policy.
“A mapping of police departments and agencies nationwide that are using IMSI catcher (Stingray) technology. Included in this mapping is a focus on the policies, procedure and contractual agreements that department’s are formulating as they adopt the controversial surveillance device.” states the description for the census.
Data shared by Motherboard are very interesting and provides useful insights about their surveillance systems, their components, and prices. It a “completely unredacted quote list of Harris Corporation products”.
Documents shared by the Rochester Police Department show clearly how Harris sells the Stingray equipment to law enforcement.
According to the documents, devices are often sold in packages, like the StingRay II Vehicular System that is offered for sale with devices (i.e. Three different kinds of Harris’ Harpoon signal amplifiers) that allow its use for a patrol vehicle.
How much cost a StingRay II Vehicular System?
The package includes a laptop, three kinds of software for accessing different types of cellular networks, and an AmberJack cellphone tracker goes for a grand total of $148,000.
“The Amberjack is an important accessory for the surveillance systems like Stingray, Gossamer, and Kingfish. It is a direction-finding system antenna that is used for cellular device tracking. It costs nearly $35,015″ I wrote in a blog post published early this year.
The prices for the AmberJack is quite similar I published early this year.
According to documents published by Motherboard, The KingFish package, Harris Corporations smaller, mobile version of the StingRay, is sold for $157,000.
The single KingFish device is not so expensive as I have reported early this year.
“Kingfish is a surveillance transceiver that is used by law enforcement and intelligence agencies to track cellular devices and exfiltrate information from mobile devices over a targeted area. It could be concealed in a briefcase and allows gathering of unique identity codes and shows connections between phones and numbers being dialed. Its cost is slightly higher than $25,000.”
The Rochester PD expressed its interest for the entire KingFish, except the laptop.
The company is including in the surveillance packages also training activities that go for $12,000.
“These packages also come with the option of a training package, costing $12,000, and a one year maintenance package that will cost $169,000 if your department decided to splurge for the whole line of Harris’ products (this was 2011 so the 4G network cell site simulator the HailStorm wasn’t released yet.) Training isn’t included interestingly enough, so police departments are more or less forced to pay for training on these complicated and powerful devices.” states the post published by Motherboard.
The note at the end of the document provides also further details of the surveillance technology, including the specifications required to use the equipment in a real scenario.
“The StingRay and Kingfish can be run out of a car’s cigarette lighter, while the StingRay II requires a 2000W power inverter. That is hungrier for power than almost any household appliance, save a dryer or oven.” continues the post.
If you are interested in StingRay surveillance technology, give a look at the article “StingRay Technology: How Government Tracks Cellular Devices”
| [adrotate banner=”9″] | [adrotate banner=”12″] |
Pierluigi Paganini
(Security Affairs – Surveillance, Law enforcement)
[adrotate banner=”5″]
[adrotate banner=”13″]
