StingRay Phone Trackers are Being Used to Hack UK Mobile Calls Indiscriminately

By Gerald Lynch on at

Get ready for a big fat "I told you so!" from the tinfoil hat wearers. Sky News has uncovered evidence that StingRays (the fake network masts that US authorities use to track citizens) are in use in the UK.

Rupert Murdoch's news arm used software built by a German security company to track down the StingRay installations, and found at least 20 within three weeks of searching.

StingRays, like the small box pictured above, mimic a network mast's signal, encouraging your phone to connect automatically in the same way they would to the strongest network signal from your carrier. Once your phone has unwittingly hooked up to the StingRay, those responsible for its installation can harvest all manner of data, from phone numbers to call durations and, in more advanced equipment, even record call conversations and text messages.

UK police forces, according to Privacy International, are deploying the StingRays under the Police Act 1997 Part III, which regulates bugging a criminal target's home. However, the act is a grey area when it comes to handling mobile bugs, so it's not clear just how widespread the StingRay installations are. The Guardian, for instance, notes that London's Metropolitan Police force bought "information and communications hardware" for surveillance purposes as far back as 2008.

Speaking to Sky News, Met commissioner Bernard Hogan-Howe refused to detail precisely how the StingRays are being used, and how long they've been in use.

"We're not going to talk about it, because the only people who benefit are the other side, and I see no reason in giving away that sort of thing," he said.

What's that saying about walls having ears? [Sky News]