DHS says unauthorized Stingrays could be in D.C. area

DHS has acknowledged the presence of unauthorized surveillance devices in the Washington, D.C., area that could be exploited by foreign spies to track and intercept phone calls.
Wikicommons photo CC2.0

The Department of Homeland Security has acknowledged the presence of what appear to be unauthorized  mobile surveillance devices in the Washington, D.C. area and elsewhere in the United States that could be exploited by foreign spies to track and intercept phone calls.

The devices, often referred to as Stingrays after a popular model made by Harris Corp., imitate a cell tower to capture caller location and other associated data. While they have been used by U.S. law enforcement for years, their use for foreign espionage in the U.S. has been a source of speculation.

In a March 26 letter to Sen. Ron Wyden, D-Ore., obtained by CyberScoop and other news outlets, DHS’s National Protection and Programs Directorate said the department has observed “anomalous activity” in or near the nation’s capital that “appears to be consistent” with such surveillance devices, which are also called international mobile subscriber identity (IMSI) catchers. The NPPD has not validated or attributed the surveillance activity to any particular person or device, the letter said.

“Overall, NPPD believes the malicious use of IMSI catchers is a real and growing risk,” top NPPD official Christopher Krebs wrote to Wyden. Krebs added that such use of IMSI catchers is illegal, but that his directorate is unaware of any DHS capability that could be used to detect the devices.


The Associated Press was first to report on DHS’s letter to Wyden.

Wyden wrote to Krebs in November demanding to know whether foreign intelligence services had used IMSI catchers on U.S. soil. “Foreign government surveillance of senior American political and business leaders would obviously pose a significant threat to our country’s national and economic security,” Wyden wrote.

Joseph Lorenzo Hall, chief technologist at the nonprofit Center for Democracy & Technology, told CyberScoop he hopes DHS will eventually disclose the locations of IMSI catchers “as that would allow NGOs like us to advise people to not go to certain areas or turn their phones off (or wrap them in foil).”

While some in the telecoms industry are trying to use forthcoming 5G standards to protect against IMSI catchers, “until that happens, we can only be armed with knowledge of where these things might be,” Hall added.

A DHS study of mobile device security published last year identified IMSI catchers as one of a handful of “emerging threats,” noting that the devices “are being marketed worldwide for 2G, 3G, and 4G exploitation.”

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts