Android 14 Takes Aim at Cellular Security, Fights Stingray Attacks
August Release Expected
Overt Operator
August 09, 2023
To enhance cellular security for both individual consumers and enterprises, Google has unveiled new features in its upcoming Android 14, expected to be released later in August.
These advancements target key vulnerabilities that can be exploited through "Stingray" attacks, which intercept users' data, voice, and SMS by mimicking cell towers.
Stingrays, or cell-site simulators, trick devices into connecting with them rather than legitimate cell towers, allowing attackers to gather sensitive personal data, including call metadata, SMS and voice call content, data usage, and browsing history, and device IMSI (International Mobile Subscriber Identity).
These powerful man-in-the-middle attacks have been largely mitigated in 4G but remain a threat through downgraded 2G connections.
Android 14 aims to close this security gap by allowing consumers and enterprises to turn off support for 2G on their devices or managed device fleets. This comes along with the ability to disable support for null-cipher (unencrypted) cellular connectivity at the modem level, which further strengthens security.
This security enhancement joins over 200 controls available in Android Enterprise, such as the option to disable WiFi, Bluetooth, and data signaling over USB.
Stingray attacks have become increasingly common in recent years, with law enforcement agencies and surveillance firms employing them to spy on cell phones.
The new feature in Android 14 marks a significant step in enterprise security, particularly for those managing device fleets like government agencies, enterprise entities, or other organizations. They can now restrict 2G connectivity downgrades on all devices under their control, minimizing the risk of such intrusions.
While Android already ensures end-to-end encryption for all IP-based user traffic, Google highlights that certain communication types like circuit-switched voice calls and SMS messages can still be exposed on cellular networks. Typically, this data is shielded by the cellular link layer cipher.
However, users have no control over its strength and reliability, and recent reports have shown that null ciphers (no encryption) are prevalent in commercial networks. These unencrypted connections expose data in an easily readable form to potential interceptors.
To combat this threat, Android 14 will introduce a feature that lets users deactivate support for null-cipher connections at the modem level. This applies to devices that adopt the latest radio hardware abstraction layer (HAL).