29.8k unique visitors in the last 3 days

Hunting for Rogue Base Stations at MWC Barcelona

How would you detect a surveillance device at the world's biggest convention for mobile communications?

By pure chance, I had a lengthy conversation at this year’s Mobile World Congress with a man whose previous job had granted him intimate knowledge of the venue and what is involved in erecting and tearing down a vast number of exhibition stands within just a few days. This started me thinking about how easy it would be to use an event of this type to spy upon elite decision-makers. I was already annoyed by the inconsistent policy towards security; why would I be carrying a bomb on the second morning when nobody bothered to check the contents of my bag the day before? Do the staff who perform these searches even know what they are supposed to be looking for? A portable base station can look like a bomb to the untrained eye and there will be lots of equipment at an event like MWC whose purpose will be a mystery to most of the public. Meanwhile, a rogue base station used for espionage would not even need to be brought inside; it could just be driven around the perimeter.

We know that Europe has a growing problem with rogue base stations, though much of the problem is that telcos and police forces are not trying to find them. No SMS blasters have been reported in Spain so far, while neighboring France has only just completed a legal process that began with the police accidentally discovering an SMS blaster in late 2022. The two leaders of that French SMS blaster gang received 5-year prison sentences for orchestrating the transmission of millions of smishing messages, while a Chinese salesman received a 4-year sentence for supplying four SMS blasters. However, the advantage with hunting SMS blasters is that they draw attention to themselves by sending messages to members of the public who may report them. More proactive methods are needed to protect against rogue base stations that covertly collect data. So I asked my friends at NeoSoft AG, one of the exhibitors at MWC, to perform a quick experiment. NeoSoft is a Swiss firm that sells software and equipment to identify and pinpoint rogue base stations like SMS blasters and IMSI-catchers. I asked them if they would do a quick check to see if there were any unexplained radio telecommunications signals emanating from within the exhibition hall. The experiment was successful, in the sense that it only took a few minutes for them to hunt down a mystery device. They kindly provided a video to illustrate how their handheld detector measured the strength of radio signals as they walked around; you can see it below.

Nobody is suggesting any laws or rules were broken by the device that NeoSoft located. However, I hope the video does make people think about privacy. More and more people are arguing that we need more software on phones to listen to calls and to read messages, more global databases to monitor the reputation of phone numbers and to track who is calling whom. None are serious about vetting the people with access to this data, or are putting the necessary effort into setting enforceable limits to prevent these developments being abused. But as I said to Neosoft when discussing different kinds of customers for their products, there are even people who will pay to ensure there are no IMSI-catchers spying upon them.

One of the challenges with maintaining Commsrisk’s global SMS blaster map involves evaluating claims made the authorities about whether a rogue base station is being used to disseminate scams or to threaten security in a different way, such as interference by a foreign power in democratic elections. Not many people within the comms industry care about the potential abuses of comms equipment, so long as the regulatory ‘burden’ is always minimized, which is rather like another industry not caring how many children get shot while attending school, so long as nothing inhibits the sale of guns and ammunition. The difference is that an increasing number of guns encourages more people to buy guns to protect themselves, while the increasing abuse of comms services discourages people from using their phones. A little bit of regulatory ‘burden’ would slow the decline of telco revenues by curbing the worst abuses by the worst abusers, but there are so many inherently abusive telcos that it is difficult to reach consensus on even the most minimal standards for consumer protection.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email