By analyzing signals data, the report by Washington-based Exigent Media found that Beijing, working through state-owned telecom operator China Unicom, was the leading source of attacks against U.S. mobile users over 3G and 4G networks in 2018.
The regime exploited well-known network vulnerabilities, which allowed it to track, monitor, disrupt, and intercept communications of U.S. phone subscribers while they traveled abroad. The vulnerabilities are centered around the legacy mobile SS7 signaling system, described in the report as “a patchwork system enabling network operators around the world to communicate with each other for international roaming services.”
The Chinese cyberattacks targeted tens of thousands of U.S. mobile users from 2018 to 2020, Gary Miller, the report’s author and a former mobile network security executive, told The Guardian.
“Once you get into the tens of thousands, the attacks qualify as mass surveillance, which is primarily for intelligence collection and not necessarily targeting high-profile targets,” Miller said. “It might be that there are locations of interest, and these occur primarily while people are abroad.”
That the attacks were routed through a state-controlled operator indicates a state-sanctioned espionage campaign, Miller told the outlet.
The analyst also found that in 2018, two Caribbean operators were involved in a series of attacks on U.S. phone users targeted by China Unicom, suggesting coordination between these networks. The two operators were Cable & Wireless Communications (Flow) in Barbados and the Bahamas Telecommunications Company (BTC).
The report found that from 2019, attacks from China decreased, while those originating from the Caribbean networks shot up—suggesting that Beijing was attempting to mask its activities through foreign operators.
“China reduced its attack volumes, favoring more targeted espionage, likely using proxy networks in the Caribbean and Africa to conduct its attacks, having close ties in both trade and technology investment,” the report stated.
Citing Beijing’s expanded investment in the Caribbean, such as Chinese telecom giant Huawei’s partnership with BTC on the Bahamas’ 4G rollout, the report questioned whether this indicated a “strategic signals intelligence alliance between China and the Caribbean.”
The report added it was likely that Caribbean operators have sold or leased network addresses to Chinese entities, allowing them to conduct espionage, potentially without the operators’ knowledge.
Cable & Wireless, the company that owns Flow and BTC, said in an emailed statement to The Epoch Times that it was “carefully reviewing the information in the media reports.”
The company added that it continuously monitors its networks across all its markets, including Barbados and the Bahamas, and has “robust security policies and protocols in place to protect the data of our customers.”
China Unicom didn’t immediately return a request by The Epoch Times for comment; officials told The Guardian that it “strongly refutes the allegations that China Unicom has engaged in active surveillance attacks against U.S. mobile phone subscribers using access to international telecommunications networks.”
In April, the U.S. Federal Communications Commission (FCC) warned that the U.S. operations of China Unicom and two other state-controlled telecoms could be shut down, citing national security risks.
FCC Chairman Ajit Pai said federal agencies were “deeply concerned” about the companies’ vulnerability to the “exploitation, influence, and control of the Chinese Communist Party.”
Report author Miller found that attacks on U.S. mobile users continued in 2020, originating from Chinese and Hong Kong sources, as well as other countries.
“Unfortunately, these attacks will continue globally between mobile operators until full accountability, reporting of the attacks, penalties, and control of external ‘partners and customers’ who are provided with access to networks are exercised,” Miller told The Epoch Times in an email.
“This needs to happen immediately.”