For the first time, the Department of Homeland Security (DHS) formally admitted that rogue stingrays, or unauthorized cell-site simulators, have been used in Washington, D.C., but the agency has no way to find them.The Associated Press got its hands on a letter sent to Sen. Ron Wyden (D-Ore.) in which DHS official Christopher Krebs said \u201canomalous activity\u201d that appears to be consistent with International Mobile Subscriber Identity (IMSI) catchers had been detected in National Capital Region.DHS\u2019 National Protection and Programs Directorate (NPPD) did not know which type of devices were being used or who was operating the stingrays, which can track phones as well as intercept calls and messages. Yet \u201cNPPD believes the use of these devices by malicious actors to track and monitor cellular users would be unlawful and threaten the security of communications, resulting in safety, economic and privacy risks.\u201dIn the March 26 letter, Krebs was answering questions asked by Wyden in November 2017. Krebs did not specify how many devices were detected or where in D.C. they were located. DHS was also \u201caware\u201d of stingrays being used in other cities but didn\u2019t specify which ones.DHS lacks the 'technical capability' to find the stingraysIn fact, even though stingrays used by foreign spies \u201cmay threaten U.S. national and economic security,\u201d Krebs indicated that DHS couldn\u2019t find the stingrays because it lacks the \u201ctechnical capability\u201d to do so. Instead, the findings were shared with \u201cfederal partners.\u201dFor DHS to detect the stingrays being used in Washington and other cities, it would \u201crequire funding to procure, deploy, operate and maintain the capability, which includes the costs of hardware, software and labor.\u201dAlthough NPPD \u201cbelieves the malicious use of IMSI catchers is a real and growing risk,\u201d the Associated Press pointed out that shutting down malicious stingrays would require expensive wireless network upgrades and \u201ccould also lead to conflict with US intelligence and law enforcement,\u201d which happily use stingrays for their own purposes.Sen. Wyden said, \u201cLeaving security to the phone companies has proven to be disastrous,\u201d yet \u201cthe FCC has refused to hold the industry accountable \u2018despite repeated warnings and clear evidence that our phone networks are being exploited by foreign governments and hackers.\u2019\u201dThe FCC formed a task force in 2014 to look into the unauthorized use of stingrays, but it never produced so much as a report.That was the same year when security researchers performed public sweeps to identify unauthorized cell tower simulators being used near the White House, Supreme Court, Pentagon, and other locations.Aaron Turner, president of Integricell, took part in the conducted sweeps. He told the Associated Press that every embassy \u201cworth their salt\u201d had installed a stingray. \u201cThey use them \u2018to track interesting people that come toward their embassies.\u2019 The Russians\u2019 equipment is so powerful it can track targets a mile away, he said.\u201dGranted, Washington, D.C., is full of people who work for three-letter agencies, and it could pose a national security threat if foreign governments are using stingrays for spying purposes. However, stingrays \u2014 which trick mobile devices into connecting to them instead of a cell tower \u2014 are used by most U.S. intelligence agencies and at least 25 police departments. Over the years, we\u2019ve learned the devices are often used without first obtaining a warrant for dragnet surveillance.Is anyone really surprised to learn that type of surveillance is being used against the agencies using the devices on regular people? AP pointed out that the \u201csurveillance-savvy\u201d encrypt their phones and communications; you should, too.