A recent report from iVerify warns that sensitive mobile traffic in several U.S. allied countries is being routed through networks owned by Chinese firms. Key countries such as Japan, South Korea, and New Zealand were found to rely on China Mobile International, China Telecom Global, and China Unicom Global for telecom interconnection services. These Chinese-owned providers can gain unencrypted access to mobile signaling data, exposing millions of users to potential surveillance, including tracking locations, intercepting communications, and installing spyware or malware via man-in-the-middle attacks.
The researchers emphasized that the vulnerabilities identified in the report are far from hypothetical. With control over international telecom routes, Chinese state-owned firms are well-positioned to conduct surveillance operations, enabling them to track device locations in real time, intercept voice and SMS communications, and exploit network weaknesses to push malicious software onto devices. These activities represent a significant threat to the privacy and security of mobile users, with Chinese providers having access to critical user data across global networks.
The report also draws attention to the history of foreign surveillance campaigns and cybercriminal activities exploiting telecom vulnerabilities, especially those linked to Huawei equipment. Threat actors have used these network weaknesses to launch phishing attacks, hijack WhatsApp accounts, and track device locations across international mobile networks. The report highlights the growing problem of telecom infrastructure being leveraged for espionage, where Chinese-owned mobile providers have embedded surveillance capabilities that can be used passively or actively by Beijing.
The report concludes by urging a critical review of global mobile interconnect security to prevent these vulnerabilities from being exploited. Chinese mobile providers’ involvement in the global telecom network poses a significant risk to the privacy of billions of users worldwide, according to iVerify. The researchers called for policy intervention to address these risks and prevent further compromises, particularly as Chinese cyberthreat groups like Salt Typhoon continue to target U.S. telecom networks and escalate their surveillance efforts.
Reference: