China has been accused of using mobile phone networks to surveil tens of thousands of people in other countries as part of its alleged espionage campaign that has been described as both “aggressive” and “sophisticated” by cyber security experts.
According to a published report, a mobile network security expert who has analysed sensitive signals data detailed the findings that paint an alarming picture of how China is exploiting decades-old vulnerabilities in the global telecommunications network to route “active” surveillance attacks through telecoms operators.
The alleged attacks appear to be enabling China to target, track, and intercept phone communications of phone subscribers, according to research and analysis by Gary Miller, a Washington state-based former mobile network security executive.
At the heart of the allegations are claims that China, using a state-controlled mobile phone operator, is directing signalling messages to US subscribers, usually while they are travelling abroad.
Signalling messages are commands that are sent by a telecoms operators across the global network, unbeknownst to a mobile phone user. They allow operators to locate mobile phones, connect mobile phone users to one another, and assess roaming charges. But some signaling messages can be used for illegitimate purposes, such as tracking, monitoring, or intercepting communications.
It is currently not known whether some of the African countries are among those targeted. However, China recently donated several computers to be used in public offices across the country.
But Director of the Strategic Technologies Program at the Center for Strategic and International Studies (CSIS), James Lewis, described the attack in an interview with the Guardian newspaper as “just another example of a really aggressive and pretty sophisticated campaign” that illustrate people in several countries are “under a sustained espionage attack on anything that connects to a network”.
A spokesperson for the Chinese embassy in Washington said: “The Chinese government’s position on cybersecurity is consistent and clear. We firmly oppose and combat cyber-attacks of any kind. China is a staunch defender of cybersecurity.”
Meanwhile, the US has issued an emergency warning after discovering that “nation-state” hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems.
According to Financial Times, hundreds of thousands of organisations around the world use SolarWinds’ Orion platform. The US department of Homeland Security’s cyber security arm ordered all federal agencies to disconnect from the platform, which is used by IT departments to monitor and manage their networks and systems.