Report Cautions that US Allies are Utilizing Chinese-Owned Mobile Networks

Recent research indicates a concerning trend among mobile service providers across 35 nations, including significant U.S. allies, which have been routing sensitive telecommunications through networks controlled by Chinese firms. This revelation, issued by security research group iVerify, raises alarms about potential exposure to foreign surveillance.

Countries such as Japan, South Korea, and New Zealand utilize major Chinese interconnect providers like China Mobile International, China Telecom Global, and China Unicom Global for mobile traffic. The report highlights that these Chinese entities could gain unmediated, unencrypted access to vital mobile signaling data, thus enabling them to perform “man-in-the-middle” attacks that expose authentication credentials, text messages, location information, and Internet traffic involving millions of users worldwide.

The researchers noted that the risks associated with these vulnerabilities are substantial, with state-owned telecom companies from China having a strategically advantageous position to execute large-scale surveillance operations. These entities are capable of tracking device locations in real time, intercepting both SMS and voice communications, and covertly deploying malicious software onto targeted devices through signaling-level techniques.

The document titled “Abusing Data in the Middle” examines historical instances of surveillance campaigns carried out by foreign adversaries, particularly focusing on vulnerabilities found within U.S. carrier roaming agreements. These vulnerabilities often stemmed from reliance on Huawei equipment integrated into international networks, which has allowed threat actors to exploit mobile networks, thereby facilitating the tracking of devices, compromising online accounts, and conducting targeted phishing operations.

Beyond American allies, the Chinese telecom ecosystem has a wide-ranging influence, with major operators in Southeast Asian nations such as Thailand, Malaysia, Vietnam, and the Philippines leveraging China’s state-owned infrastructure for interconnectivity. This expansive reach underscores the potential risks associated with these services for all parties involved.

In light of these findings, iVerify advocates for a thorough evaluation of mobile interconnect security, emphasizing that international espionage firms are now providing embedded telecom surveillance capabilities. The report cautions that entities owned by China might enable the Chinese government to execute both passive and active surveillance measures.

The report further states that without proactive policy interventions, the integration of these foreign networks into global telecommunications infrastructure poses a direct risk to the privacy and security of billions of mobile users across the globe.

Chinese cyber threat actors have been ramping up efforts to infiltrate U.S. telecommunications infrastructure, with a particular emphasis on a campaign attributed to a group known as Salt Typhoon. This persistent campaign has targeted the networks of at least nine major U.S. telecommunications providers. Linked to China’s Ministry of State Security, the Salt Typhoon group was reportedly entrenched within domestic telecom frameworks well before the operation became public in the lead-up to the 2024 presidential election.