Hacker News | rival_elf's comments

Tangentially related, the latest major Android release supports updates from the modem with details about whenever your IMSI/IMEI/unencrypted SUCI are disclosed to the network (with support for some contextual information, e.g. which protocol message it was disclosed in), as well as insight into the in-use network cryptography configuration for different protocols.


See also this 2019 in-depth primer on cellular attacks I wrote for EFF: https://www.eff.org/deeplinks/2019/07/announcing-gotta-catch...


> Criminal IMSI catchers are pretty much dead,

This isn't true, there are major incidents related to IMSI-catchers going on globally right now. E.g. last week from Japan: https://newsonjapan.com/article/145466.php, https://commsrisk.com/amateur-detectives-find-numerous-fake-..., and mass arrests happening in Thailand related to the operation of them recently.

To see news related to them, search "Fake Base Stations" or "SMS Blaster", as this is how they're commonly referred to in the media now.

Other notable highlights from the last few years include: the news from Paris a few years ago where police detonated a car with an IMSI-catcher in it because they thought it was a bomb, but actually the driver was being paid to send out SMS spam via 2G downgrade attacks: https://commsrisk.com/paris-imsi-catcher-mistaken-for-bomb-w.... Also the attempt to disrupt the federal elections in the Philippines using a kind of "SMS blaster" that takes advantage of unauthenticated emergency alert messages, so a step beyond the "classic" IMSI catching attack that we haven't seen used in the wild before.



I work in the field of cell network security research and want to help clear up some misinformation I'm seeing in these comments.

First, I just want to highlight that the reason cell site simulators (the more general term for StingRays/IMSI-catchers) exist is because cell phones cannot authenticate all messages coming from cell towers. I'm seeing some vague comments about "a lack of encryption", but it's primarily more of an authentication issue.

You can read more about why it's primarily an authentication issue + how some of the relevant types of cell network attacks work in this technical post I wrote for EFF: https://www.eff.org/wp/gotta-catch-em-all-understanding-how-...

There are some interesting proposals for fixing this lack of authentication using a certificate-based PKI system, the most promising being this paper from Purdue: https://relentless-warrior.github.io/index.php/publications/.... This solution is very far from production-ready, but it's a much-needed step in the right direction.


We have had SIM cards for 30 years to authenticate unique users to the network, but those same cards can't authenticate the network? No, this is entirely by choice and could have been trivially solved. They just forgot the "server certificate" part.


I'd say it's less a "choice" than an "oversight". SIM cards solve the problem of "how do we know if Random Phone is attached to an account and the bill is paid?" The question of "how does the phone know it's talking to a real tower" was never even ASKED, as the very idea would have seemed preposterous.


This happened with networked OSes too. There was a time when Ethernet jacks were trusted unconditionally and hosts could be authenticated by their IP address or worse. NIS used to use the "honor system." Great fun in college in the 90s :-)


The movie War Games came out 36 years ago, so the claim that no-one was even asking themselves about the value of authentication in public services all these years seems preposterous.


This would make features like free roaming much more difficult to implement. If given the choice, most people would probably opt for coverage over security.

Also, why couldn't law enforcement simply coerce the cellular carriers to sign their stingray cert? It's been known to happen for SSL: https://arstechnica.com/information-technology/2010/03/govts...

