cross-posted from: https://ibbit.at/post/63785
The Secret Service says it has uncovered what it’s calling “a network of electronic devices located throughout the New York Tri-state area that were used to conduct multiple telecommunications-related threats directed towards senior U.S. government officials.” The news was announced, in part, over at the right-wing propaganda website run by an overt white supremacist billionaire:
There are, however, some red flags that this is being over-hyped for attention and effect, including a lot of completely unsupported language about what this tech “could be” used for.
In its press release, the Secret Service claims to have discovered around 300 co-located SIM servers and 100,000 SIM cards across multiple sites. The press release makes some vague hints of the networks having connections to known nation state actors:
“While forensic examination of these devices is ongoing, early analysis indicates cellular communications between nation-state threat actors and individuals that are known to federal law enforcement.”
I strongly suspect they stumbled into some mob-connected scam ring or textbot farm, and are over-hyping this for dramatic effect. The announcement is super vague, and while the Secret Service claims this network could have been used to disrupt communications ahead of an upcoming General Assembly UN meeting, there’s no evidence of that, and a lot of the hardware was collected over a 35-mile range:
“These devices were concentrated within 35 miles of the global meeting of the United Nations General Assembly now underway in New York City. Given the timing, location and potential for significant disruption to New York telecommunications posed by these devices, the agency moved quickly to disrupt this network.”
There are a lot of things within 35 miles of the UN, including a plethora of Dunkin’ Donut locations.
While this all sounds scary, it seems extremely unlikely that this collection of 100,000 SIM cards in use over this broad of an area could have ever meaningfully impacted cellular communications in New York City, which sees between nine and twelve million cellular users every day.
The mainstream headline coverage of the find (which, again, included no supporting evidence of any kind that NYC was at actual, serious risk) was all appropriately hyperbolic, treating the threat to the UN and NYC itself as some sort of proven fact. None bothered to ask questions of any network engineers, or point out that the Secret Service provided literally zero supporting evidence for its bolder claims:
Cops routinely lie, and our consolidated corporate mainstream journalism genuinely sucks at pointing that out. But there’s also ongoing evidence of normalcy bias, wherein the press seemingly forgets that the U.S. government has also now been taken over by radical authoritarian zealots who have absolutely zero reservations about lying about everything, constantly.
From Techdirt via this RSS feed
There is a great article that shows this is a run-of-the-mill SIM farm used for spam. The Secret Service is blowing this way out of proportion. Here’s some choice bits:
On why the Secret Service is on the case:
The backstory is a Secret Service investigation into threats sent to politicians via SMS messages. The miscreant used one of these spam farms to mask their origin. When the Secret Service traced back the messages, using radio “triangulation” (sic) to find the mobile phones, they found these SIM farms instead.
There’s no evidence the Secret Service is involved due to some actual national security or espionage threat — that’s just propaganda they are hyping.
On the size of the operation:
Their unofficial statements are designed to exaggerate even more, like “never before seen such an extensive operation”. The Secret Service doesn’t normally investigate such crime, so of course they are unlikely to have seen such an extensive operation.
The Secret Service hypes this as some sort of national security threat that can crash cell towers. The reality is that this is just a normal criminal threat that sometimes crashes cell towers. SMS is an ancient technology that works slowly even in modern cell networks. Too many SIM boxes spamming SMS in one location can indeed overwhelm a cell tower. You actually don’t need a bunch of SIM boxes to do it — you can sometimes crash a cell tower with a single baseband radio. Ask me how I know.
On their sources:
For decades now, when the NYTimes has a cybersecurity story from anonymous government officials, they quote James A. Lewis to confirm it. This guy used to work for CSIS (Center for Strategic and International Studies) but apparently has changed employers recently. Whenever I blog/tweet about bogus NYTimes cybersecurity stories, I point out this relationship with James Lewis. When you see anonymous government officials and James Lewis quoted in a NYTimes story, you are seeing government propaganda.
Another “expert” the NYTimes quotes is Anthony Ferrante [update]. He’s got the resume that the NYTimes loves. I’m famous among hackers for my technical expertise, but I would never be quoted in the NYTimes, because I don’t matter. The NYTimes only quotes people who matter, meaning, people involved at high levels of government, people with their resume posted on WEF.
On the 35-mile radius, I’ll let their image do the talking: