U.S. Secret Service Busts Giant SIM Farm in New York (wired.com)

The U.S. Secret Service:

The U.S. Secret Service dismantled a network of electronic devices located throughout the New York tristate area that were used to conduct multiple telecommunications-related threats directed towards senior U.S. government officials, which represented an imminent threat to the agency’s protective operations.

This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites.

That sure is a lot of SIM cards, and a scary-sounding mix of words in the press release:

  • “[…] telecommunications-related threats directed towards senior U.S. government officials […]”

  • “[…] these devices could be used to conduct a wide range of telecommunications attacks […]”

  • “These devices were concentrated within 35 miles of the global meeting of the United Nations General Assembly […]”

Reporters pounced. The New York Times, NBC News, CBS News, and even security publications like the Record seized on dramatic statements like those, and on another made by the special agent in a video the Service released: “this network had the potential to […] essentially shut down the cellular network in New York City”. Scary stuff.

When I read the early reports, it sure looked to me like some reporters were getting a little over their skis.

For a start, emphasizing the apparent proximity to the U.N. in New York seems to me like a stretch. A thirty-five-mile area around the U.N. looks like this — and that is diameter, not radius. If you cannot see that, or if this third-party website goes away at some point, that is a circle encompassing just about the entire island of Manhattan, going deep into Brooklyn and Queens, stretching all the way up to Chappaqua, and out into Connecticut and New Jersey. That is a massive area. One could just as easily say it was within thirty-five miles of any number of New York-based landmarks and be just as accurate.

Second, the ability to “facilitat[e] anonymous, encrypted communication between potential threat actors and criminal enterprises” is common to basically any internet-connected device. The scale of this one is notable, but you do not need a hundred thousand SIM cards to make criminal plans. And the apparent possibility of “shut[ting] down the cellular network in New York” is similarly common to any large-scale installation. This installation is undeniably peculiar and huge, and it seems to be nefarious, but a lot of this seems to be a red herring.

Andy Greenberg, Lily Hay Newman, and Matt Burgess, Wired:

Despite speculation in some reporting about the SIM farm operation that suggests it was created by a foreign state such as Russia or China and used for espionage, it’s far more likely that the operation’s central focus was scams and other profit-motivated forms of cybercrime, says Ben Coon, who leads intelligence at the cybersecurity firm Unit 221b and has carried out multiple investigations into SIM farms. “The disruption of cell services is possible, flooding the network to the degree that it couldn’t take any more traffic,” Coon says. “My gut is telling me there was some type of fraud involved here.”

These reporters point to a CNN article by John Miller and Celina Tebor elaborating on the threat to “senior U.S. government officials”: they were swatting calls targeting various lawmakers. Not nothing and certainly dangerous, but this is not looking anything like how many reporters have described it, nor what the U.S. Secret Service is suggesting through its word choices.