Sim Farm Found by Secret Service Might Have Scammed Citizens. It Was Unlikely to Cause a Cellular Blackout.

The U.S. Secret Service said it dismantled a network of electronic devices located throughout the New York City region that were used to conduct multiple telecommunications-related threats toward senior U.S. government officials. (Courtesy United States Secret Service)

The New York “SIM farms” dismantled Tuesday by the U.S. Secret Service could have scammed citizens, but cellular operators and security experts say it would have had a hard time blacking out the city’s 5G cellular network during this week’s United Nations meetings.

On the morning before President Donald Trump’s U.N. speech, the Secret Service said it found more than 300 illegal telecom devices spread around the New York area. They held 100,000 cellular SIM cards that could pump out mischievous text messages and wireless calls. Photos showed compute servers racked along apartment walls, their insides bulging with cables and SIM cards.

The agency warned that these SIM farms might have disabled cellphone towers or overwhelmed networks by flooding them with simultaneous calls—in what is known as denial-of-service attacks.

“The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated,” said U.S. Secret Service Director Sean Curran.

The government’s investigation continues. Based on what’s been released so far, however, the threat to New York’s 5G network may not have been great, say industry experts.

Each phone and device connected to a cellular network has a unique SIM card that identifies it to cell towers and the network. SIM farm operators buy thousands of them and pack them into a few computers to make mischief.

Around the world, SIM farms power the scams that send you text messages claiming you owe traffic fines or just won a jackpot—while seeming to come from a local phone number. Over 300 people were arrested across seven African countries in March, when an Interpol operation called “Red Card” broke up SIM farms.

These setups can host millions, or tens of millions, of individual SIM cards—each zapping out untraceable calls or messages in bulk, says Philippe Langlois, whose mobile-network security firm P1 Security has helped bust such operations.

A few firms in China supply the hardware and software used by most SIM farms, and Langlois recognizes it in the photos released by the Secret Service on Tuesday.

SIM farms usually get discovered when a mobile network operator—like Verizon Communications or T-Mobile US —notices too many SIM cards filling the wireless spectrum near a tower, often with telltale radio quirks. The Secret Service, Verizon, and AT&T didn’t have immediate comment on the SIM farm bust.

“The wireless industry works both individually and collaboratively with law enforcement every day to protect America’s critical telecommunications infrastructure,” said Nick Ludlum, senior vice president for communications at the wireless industry association CTIA.

While SIM farms may churn out malicious messages before they are shut down by network operators and law enforcement, they aren’t likely to crash a modern network by flooding it with traffic, says T-Mobile Chief Information Officer Jeff Simon. T-Mobile’s 5G network has protocols to mitigate such denial-of-service attacks, and continue service for first responders and business customers.

“Our 5G stand-alone network has multiple measures in place that identify, counteract and stop this type of network abuse…when this type of attack attempts to disrupt communications,” said Simon.

Write to Bill Alpert at william.alpert@barrons.com