The police is spying on and blocking Internet access to North Dakota pipeline protesters through cell site simulators without a warrant

No comments
The demonstration at Standing Rock, North Dakota is the largest gathering of indigenous people in modern American history. Over 280 tribes and thousands of non-native volunteers have gathered to protect the Sioux's ancestral water supply, which they believe will be poisoned when the North Dakota Access Pipeline inevitably leaks. Most of the coverage you've seen has probably come in the form of Twitter and Facebook rage-screaming in all-caps gibberish, or it looks like this:
That vague title leaves a lot open to interpretation. And if the internet has taught us anything, it's that interpretation is not the average person's strong suit ... or even their medium suit, for that matter. "Clash" suggests an equal meeting of force, and that's really not the case when one side has military hardware and the backing of a multi-billion-dollar corporation, and the other side ... well ... doesn't. Reading that headline makes the story sound identical to every other protest of the last 20 years. But thanks to sites like Twitter, "water protectors" with drones can put video of how that "clash" really looked in front of thousands of eyes:
rtyson82/Twitter
Less "clash," more zero-degree "splash."
It would be easy for me to make a snide joke here about people crafting bumper-sticker-sized commentaries about a protest as high-profile as this, but Twitter is way more important than you might realize. See, Standing Rock wouldn't still be here if it wasn't for social media. It's not a "protest," like the Occupy demonstrations or the endless marches before Desert Storm's gritty reboot. The main camp is a huge, sprawling 5,000 person campout. One that runs off its own renewable power, offers free coffee 24 hours a day, and manages to feed and provide emergency care for its thousands of volunteers. The protest camp area has become a makeshift city -- though not one you're likely to hear an annoying, pandering pop song about.
Robert Evans/Cracked.com
Robert Evans/Cracked.com
Robert Evans/Cracked.com
Take me down to the Protest City, where there is no grass but counseling tipis.
We met carload after carload of those volunteers, and the critical supplies they brought to camp, like firewood and things to wipe your butt with that isn't firewood. Talking to these people, we heard variations of the phrase "I wouldn't be here if it weren't for Facebook." Which is both awe-inspiring and cartoonishly surreal. And now, keeping in mind everything I've told you so far, here's where things get crazy. Like, "too far-fetched for a movie" crazy ...
Modern mobile communications were instrumental to the most formidable protest and revolutionary movements of this century so far, from Egypt's Tahrir uprisings to Greece's Movement of the Squares. Governments always have weapons -- the people only have each other, and occasionally Molotov cocktails. That's why the Egyptian government tried to fight the protests in 2011 by cutting off the entire nation's internet access, and why Turkey's new sorta-dictator Recep Tayyip Erdogan attempted to block Twitter access in his country.
So maybe it's not surprising that someone is trying to kick Standing Rock off the internet. (And yes, we've got evidence to back us up. None of this is loopy conspiracy talk.) We first encountered the idea through hearsay, via a man we met at the big camp, in a large tent filled with U.S. military veterans. He'd been a 25 Bravo in the Army -- an information technology specialist. He was the first to allege that the planes flying over were equipped with what he called "scramblers," which "fed white noise into the cell signals" to interfere with internet access at Standing Rock and "keep information from getting out."
Robert Evans/Cracked.com
Look, not every movement has "printer" money.
"The moment you hit this camp from the highway, the signal goes to [nothing]." He added that, "People are reporting their cellphones are turning on, their [apps] are turning on, their battery is draining." In any other situation, we'd have been prepared to write this off as the world's lamest campfire story. It's the kind of story you'd expect to be followed up with "totally real" pictures of Bigfoot or something. But ...
We ran into similar strange rumors across camp for the next couple of days. People from every corner, whether they had been on site for days or for months, would talk about their cellphone signals cutting out just as drones circled above. Mobiles would switch themselves off and on again -- not in pocket but in hand. Camera apps were opened out of nowhere, and batteries would drain by enormous percentages, killing the phones in minutes, rather than the steady decline of any device pinging back and forth searching for a signal. There were even reports of people's Gmail accounts being hacked.
Robert Evans/Cracked.com
We were unable to even Instagram this picture of our morning coffee.
So is this even possible? Could DAPL, the company building the pipeline, Energy Transfer Partners (which owns them), the local police, or even the FBI use special planes to steal data and block internet access at Standing Rock?
In a word, "yes." In eight words, "Oh fucking fuck, the government has internet-stealing Cessnas!"
We brought all this -- the cell-blocking and reports of weird phone activity -- up to Marc Rogers, a security expert and white-hat hacker who, among other things, advises the show Mr. Robot. He wasn't sure what was going on at Standing Rock, but noted a device called a "Stingray" might be the culprit.
The Stingray is one of a family of devices called "cell site simulators," which do exactly what it sounds like they do: simulate a fake cell tower. This allows the authorities to track people without using their GPS data, and thus without one of those pesky warrants. Other cell site simulators, like a DRT box, or dirtbox, are capable of decrypting data and voice calls from any phone that connects to them. These devices are also capable of booting protesters off the internet. Marc explained:
"Blocking data is easy. Most of the time, it happens by accident. All they have to do is broadcast a cell tower with a stronger signal than the legitimate towers. At that point, your device will connect to it rather than legitimate ones." (This is why it's important to turn off your data before attending anti-government demonstrations, and in airplanes.) Once connected, it's easy to carry out a man in the middle attack, which "allows them to eavesdrop on calls and potentially mess with data connections."
Marc noted that, "I have never heard of the latter being done by U.S. authorities." But they certainly have the capability. Chicago and Los Angeles police have had dirtboxes for more than a decade. A number of U.S. police departments have purchased Stingrays in the past few years. Since these cell site simulators can cost hundreds of thousands of dollars, they're often donated to local PDs by the FBIor the corporations that make them. A Stingray was most recently used by the Baltimore police to disrupt the protests after Freddie Gray's death. So it's not like John Law is averse to blocking people's data via techno-fuckery. And sometimes they do it with planes, because if you're going to do shit like this, you might as well do it in the scariest way possible.
In 2014, The Wall Street Journal broke the story that the U.S. Marshals Service had commissioned a fleet of fixed-wing aircraft with dirtboxes. And last year, we learned that the FBI also has their own fleet of dirtbox-equipped planes, mostly Cessnas, registered to a series of dummy corporations with names like "KQM Aviation." And no, this information isn't from some website with an Illuminati pyramid worked into the logo; the AP figured this out, and they've provided so much documentation that anyone who reads it will literally shit credibility.
Marc made sure to note that a number of things could have caused all this funky phone behavior. For example, rural cell towers aren't built to smoothly handle thousands of new people "checking in" on Facebook. Our stories were all anecdotal, and conspiratorial thinking is going to thrive at any given gathering of thousands of people who regularly contend with armed riot police. And while a handful of other sites have reported on rumors of digital eavesdropping at Standing Rock, and the ACLU has submitted a freedom of information request looking into the matter, solid evidence has been in short supply. Or it was, until we ran into this charming sign on the wall of the media tent:
Robert Evans/Cracked.com
Again, printer ink ain't cheap.
Like every other tent at Standing Rock, the media tent at the Oceti Sakowin camp, commonly called "big camp," is filled with volunteers. They gave each of us a rundown of the camp's rules. (We feel like the "no drugs or alcohol" rule was stressed more stringently once they learned we wrote for Cracked.) Eventually, a press liaison named Michael explained that the open WiFi networks were basically a honeypot. "There are a number of unsecured WiFi networks within an eighth of a mile" of the camp. Those who connected would discover that their email passwords had been changed and they were temporarily locked out of their accounts. Michael also reported that the WiFi at the press tent "gets DDoS'd every couple of hours."
Open WiFi is possible to spoof fairly simply, using legitimate-looking portals to collect any entered data, like email addresses and passwords. Setting up an attack can be as easy as hiding a device in a desired location and waiting for people to connect. Michael referred us to a pair of cybersecurity experts from NYU who'd been gathering data on all this for a while. One expert, whom we'll call "Chuck Justice," documented an ARP-based DDoS attack on the press tent's WiFi. "In [an] ARP attack, the DDoS agents constantly send a barrage of ARP requests to the gateway to tie up the resource of attacked gateway or host." ARP-spoofing like this can be used to simply stop service, or to conduct a man in the middle attack. No condom. No cab fare home. Just a raw, unapologetic cyber dick-down.
This is a Wireshark simulation of what he observed in the midst of one such attack, based on the data he gathered at the time. It suggests that something funky is happening and that digital war zone photography probably won't ever win a Pulitzer. Chuck noted that an open hot spot appeared as soon as the attack commenced. "Because the network was slow due to this DDoS, people would be tempted to join an insecure network." The other expert, Ted, joined this network, and while he was performing a network diagnostic, "someone accessed [his] Gmail."
Cracked.com
"It feels like there was an attack on all the accessible networks in order to prompt people to join the insecure one." Chuck also noted that while this attack was underway, a plane "was circling low" in the sky. He used a special kind of radio, an RTL-SDR, "to pick up transponder transmissions," which include "location and altitude hex codes and etc" from the plane. (You can find that data here.) A lookup of the plane's registration data shows it belonging to the Nebraska Highway Patrol.

A little off-course, huh, guys?
But when we tried to look into that flight history, it was mysteriously absent:
Chuck pointed out that the site we were using to look this plane up "gets its data from an FAA stream, but law enforcement can request to have certain logs removed." He's in the process of filing a Freedom of Information request to see those logs. But Chuck took data on other planes in the sky during his visit. One of them was registered to the North Dakota Highway Patrol, and one was registered to the North Dakota Fish & Game Department. Both of the others are weird. This Cessna ...
Federal Aviation Administration
... was sold to the South Dakota highway patrol in 2007, but they never bothered to change the registration over from "Mat Weekly Aviation." And this Cessna was listed as being owned by the Nebraska State Patrol:
Federal Aviation Administration
Now, Nebraska, South Dakota, and North Dakota are NOT known to employ Stingray-style technology. Most of these planes may just be for visual surveillance. It's worth noting, though, that all these out-of-state planes are Cessna T206H's, the same model the FBI prefers to load up with Dirtboxes. That, plus the fact that one of these planes was in the air over Standing Rock at the same time as a DDoS attack on the press tent's WiFi and the appearance of a mysterious "open" hot spot acting as a honeypot all seems like more than coincidence. We've included Chuck Justice's data in this article, because we've really got to get back to writing about Back To The Future. Some site with an "investigation" budget should probably take it from here. Maybe the guys from Spotlight? This feels like the kind of problem that could use some Ruffalo.

No comments :

Post a Comment

Thanks For Sharing Your Views