
GSM/UMTS Tactical Monitoring and Locating
For operational field use, off-air GSM monitoring systems are very powerful. Such systems are portable and can be installed in vehicles for covert operations. Up to now, they work for GSM, GPRS and UMTS. Three different types are available:
Active systems
Such systems simulate a GSM base station to attract GSM phones away from the normal GSM network so that they log into the system's "faked" virtual base station.

As soon as the phone is logged onto the active system, its identity is extracted (IMSI and IMEI). By logging the phone onto the virtual base station, the phone can be forced to transmit on a given channel, frequency and time-slot (establishing a "silent call"). This transmission can be picked up by a direction finding system (vehicle based or handheld), which then gives the exact position of the target phone.

When the target phone is logged into the active system, calls can be intercepted, but only calls that are initiated by the target (the target is out of the normal GSM network, so no calls can be received by the target phone).

In addition, phones can be completely taken off the real network ("intelligent jamming"), fake calls and SMS can be sent to the target phone, private networking using the virtual base station can be realized, the battery of the target phone can be drained, etc.

The active system also allows operating within UMTS networks. The identity of the target phone (IMSI, IMEI) can be collected without bringing the phone down to GSM/GPRS; therefore, no jamming of the overall UMTS signal is needed. For all other operations, such as locating the phone, intercepting, etc., the target UMTS phone will be pushed back into GSM mode by the system due to the two way authentication methods within UMTS networks.


Passive systems
The key function of a passive off-air system is to intercept GSM phones (incoming calls and outgoing calls). The system passively monitors the air interface and therefore has no influence on transmitted numbers. The called party will always see the original calling number. Depending on the type of encryption on the air interface (5.0, 5.1, 5.2), such systems can be used and give very positive results. If 5.1 encryption is used, the key must be known; if not, then pure passive systems will not work with systems currently on the market.

Passive off-air systems are portable, and in combination with directional antennas the range can be quite substantial (several kilometres).

Semi Active Systems
Semi active systems are in place to realize GSM interception of 5.1 encrypted calls. With the active component of the system, the target phone will be grabbed within milliseconds by using the 5.2 encryption mode. The 5.2 ciphering key will automatically be calculated and the authentic parameters of the target phone will be taken. These parameters are cloned onto another mobile phone (cloning box) attached to the semi active system, establishing the link back to the real network (base station). The target's calls are now routed through the cloned mobile phone, maintaining the same encryption and target identity, and recording of all incoming and outgoing calls is realized. Multi channel systems are available for recording several calls at the same time.
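
Seen from the handset, the active and semi active behaviours described above (push-back from UMTS to GSM, identity collection, the 5.0/5.2 encryption modes, the "silent call") are what a defender can watch for. The following Python code is an added example, not part of the original text or of any vendor's product; the event schema, field names, correlation window and sample capture are assumptions constructed for illustration, and the page's "5.0" and "5.2" modes are taken here to be the GSM A5/0 and A5/2 ciphers.

```python
from dataclasses import dataclass

@dataclass
class Event:              # hypothetical record from a handset diagnostic log
    t: float              # seconds since capture start
    cell: str             # serving-cell label
    kind: str             # camp | identity_request | cipher_mode | call_setup
    detail: str           # RAT, identity type, cipher name, or alerting flag

WEAK_CIPHERS = {"A5/0", "A5/2"}   # assumed meaning of the page's "5.0" and "5.2"
WINDOW = 30.0                     # assumed correlation window, seconds

def indicators(events):
    """Map each cell to the behaviours from the text that were observed on it."""
    found, downgraded_at, last_rat = {}, {}, None
    for ev in sorted(events, key=lambda e: e.t):
        hits = found.setdefault(ev.cell, set())
        if ev.kind == "camp":
            if last_rat == "UMTS" and ev.detail == "GSM":
                downgraded_at[ev.cell] = ev.t
                hits.add("umts_to_gsm_pushback")
            last_rat = ev.detail
        elif ev.kind == "identity_request" and ev.detail in ("IMSI", "IMEI"):
            # Identity requests also occur on real networks; only count them
            # when they closely follow a forced downgrade onto the same cell.
            if ev.t - downgraded_at.get(ev.cell, float("-inf")) <= WINDOW:
                hits.add("identity_harvest_after_downgrade")
        elif ev.kind == "cipher_mode" and ev.detail in WEAK_CIPHERS:
            hits.add("weak_cipher_" + ev.detail)
        elif ev.kind == "call_setup" and ev.detail == "no_alert":
            hits.add("silent_call")
    return found

def suspicious_cells(events, threshold=2):
    """Cells showing at least `threshold` distinct indicators, sorted by name."""
    return sorted(c for c, h in indicators(events).items() if len(h) >= threshold)

# Constructed sample capture (not real data).
SAMPLE = [
    Event(0.0, "cell-A", "camp", "UMTS"),
    Event(5.0, "cell-A", "identity_request", "IMSI"),   # ordinary attach
    Event(6.0, "cell-A", "cipher_mode", "UEA1"),
    Event(60.0, "cell-B", "camp", "GSM"),               # pushed down from UMTS
    Event(61.0, "cell-B", "identity_request", "IMSI"),
    Event(61.5, "cell-B", "identity_request", "IMEI"),
    Event(62.0, "cell-B", "cipher_mode", "A5/2"),
    Event(70.0, "cell-B", "call_setup", "no_alert"),
    Event(200.0, "cell-C", "camp", "GSM"),              # GSM to GSM reselection
    Event(201.0, "cell-C", "cipher_mode", "A5/1"),
]
```

Any single indicator also occurs on legitimate networks, so the threshold of two distinct indicators per cell is what keeps the ordinary attach on cell-A out of the result.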
