A mobile network security expert has alleged China of using Caribbean mobile phone networks for surveillance and spying on American phone subscribers. The report was made by analyzing signal data. This has highlighted the decades old China’s alarming behavior of exploiting global telecommunication network to carry out espionage activities against the US.
The “alleged” attacks by China are believed to enable it to target, intercept and spy on the communications made by US phone users through telecom operators.
Gary Miller, a Washington based former mobile network security executive, said that in many cases it has been observed that China has been utilizing Caribbean network to carry out its surveillance. Miller has spent years studying and analyzing intelligence reports related to mobile threats and also observing traffic signal between US and foreign operators.
The allegations suggest that China used state-controlled mobile phone operator to direct signaling messages to US phone subscribers, especially when they are travelling abroad. “Signaling messages” can be understood as commands which are sent by telecoms operators across the global network, without the knowledge of mobile phone user. This allows mobile operators to locate the phones and connect one phone user to another. But some signaling messages, like in this case, can be used for illegal purposes, like tracking and intercepting communications.
Though US phone operators can successfully block these interceptions, but according to Miller, much hasn’t been done actively in this direction. This is also because many operators are not aware of how insecure the networks are.
Miller said, “Government agencies and Congress have been aware of public mobile network vulnerabilities for years. Security recommendations made by our government have not been followed and are not sufficient to stop attackers.”
“No one in the industry wants the public to know the severity of ongoing surveillance attacks. I want the public to know about it,” he added.
In 2018, Miller shares that he found out that China had conducted the maximum number of phone network surveillances on US subscribers over 3G and 4G networks. These espionage activities were mostly routed through China Unicom, state owned telecom operator. This gives a solid indication of this being a state-authorized espionage. Miller also believes that thousands of such surveillances have been carried out by China from 2018 to 2020.
“Once you get into the tens of thousands, the attacks qualify as mass surveillance, which is primarily for intelligence collection and not necessarily targeting high-profile targets. It might be that there are locations of interest, and these occur primarily while people are abroad,” Miller said.
Miller also notes “unique cases” in which the targeted US phone users by China Unicom were also simultaneously targeted by two Caribbean operators — Bahamas Telecommunications Company (BTC) and Cable & Wireless Communications (Flow) in Barbados. These cases occurred multiple times in span of 4–8 weeks, indicating as a “strong and clear” coordinated attacks.