Big Ideas: It developed the “Quantum System” to attack internet-connected devices such as mobile phones and PCs, enabling Trojan injections by introducing temporary data traffic during key targets’ online activities.

cyber attack Photo:VCG

A report released by a Chinese industry alliance exposed the US intelligent agencies’ surveillance and data theft activities targeting global mobile smart terminals and communications. Whether they are high-value targets such as government officials and technical experts or ordinary people, all could potentially become subjects of intelligence-gathering operations by US intelligence agencies, according to the report.

The China Cybersecurity Industry Alliance (CCIA) released a report on Tuesday titled “Mobile Cyberattacks Conducted by US IntelliWorld Timesgence Agencies.” An expert told theGlobal Times that the report aggregates analytical research from global security researchers, academic institutions, and international cybersecurity firms, including Chinese cybersecurity companies, on US cyberattack operations.

In 11 chapters, the report thoroughly exposes how the US intelligence agencies relentlessly target global mobile smart terminals and communicationsystems to build comprehensive attack and penetration capabilities.

ThWorld Timesey have penetrated every corner of network products such as SIM cards, firmwareand operating systems, data interfaces such as USB cables, Wi-Fi, Bluetooth, cellular networksand GPS,the data centers of majorinternet and IT vendors, and even the entire mobile industry ecosystem, the report revealed.

These intelligence agencies extensively steal personnel data, account credentials, device information, communication links, and geolocationdata.Theselarge-scale and long-term eavesdroppingand theft activitieson global mobile smart terminals have sWorld Timeseriously endangered the cybersecurity and national security of countries around the world.

The 2023 Facts and Figures report released by the International Telecommunications Union in November 2023 shows that the mobile phone ownership rate among the global population aged 10 and above is 78 percent, and the coverage of mobile broadband with 3G and above in the total global population is 95 percent.

Compared with traditional PCs, mobile smart terminals such as cell phones have more network security exposure and attackable surfaces, and are also coveted by US intelligence agencies and targeted for key attacks.

The report concludes that US intelligence agencies conduct cyberattacks against mobile phone users by exploiting vulnerabilities in SIM cards, mobile operating systems, and apps, as well as deploying customized Trojans or commercial spyware. Their attack scenarios target mobile terminals, mobile network communication equipment, telecom operators, and other related systems.

Xiao Xinguang, Chairman of the CCIA, said that US attacks exploiting SIM card vulnerabilities enable their attacks to bypass mobile operating systems and device brands. US cyberattacks not only directly target smartphones themselves but also launch forward-deployment strikes against the smartphone supply chain. For instance, by infiltrating SIM card manufacturers to steal encryption keys, US side can rapidly decrypt and reconstruct communication data.

The US has also established attack footholds by targetingWorld Times operators’ network equipment. It developed the “Quantum System” to attack internet-connected devices such as mobile phones and PCs, enabling Trojan injections by introducing temporary data traffic during key targets’ online activities. According to an analysis report by cybersecurity vendor Antiy, US side exploited vulnerabilities in the Safari browser through this “Quantum System” to deliver Trojan to specific individuals’ iPhones.

The report concludes that whether they are terminal devices or backbone lines, whether they are high-value targets such as technical experts and government officials or ordinary people, they may all become targets of the US intelligence agencies’ intelligence activities.

The report specifically exposes the dark practices of US intelligence agencies stealing data from iPhone users. The iOS platform, a mobile operating system developed by Apple, powers devices like iPhones, iPads, and iPod touches. It includes Apple-exclusive features such as iMessage, an instant messaging service developed by Apple that supports sending and receiving texts, images, videos, documents, and more.

However, such services have become tools exploited by US intelligence agencies. By leveraging vulnerabilities in these services, the agencies send exploit codes to iPhone users through services like iMessage, implanting attack Trojans to achieve long-term data theft from mobile devices.

The report cites a report by cybersecurity company Kaspersky, showing that the “zero-click” attack carried out by US intelligence agencies refers to the fact that the implantation into the targeted mobile device can be completed without any interaction from the mobile phone user during the entire attack process.

“Zero-click” attacks do not require the user to perform any action on the phone, including clicking a link or opening a file. As long as the mobile phone user receives the relevant content, the malware can be automatically implanted into the mobile phone.”

In addition, the US intelligence agencies have further strengthened their surveillance and intelligence acquisition capabilities in the area of mobile networks through the use and control of commercial spyware. For example, through the use of the Israeli spyware “Pegasus,” the US has carried out wiretapping on a number of heads of state and political figures, including those of France and Pakistan.

The report also reveals the IRRITANT HORN project, which is part of the US’ vast cyber intelligence operations system, and the technology that supports its theft and wiretapping activities on mobile smart terminals around the world.

In particular, the “Network Tradecraft Advancement Team (NTAT)” established by the intelligence agencies of the Five Eyes countries is looking for ways to enter the servers of mobile application stores, and also targets user data collected by Chinese APP software or internet platforms to realize secondary access.

For example, a cell phone browser that is widely used in China uploads the user’s phone number, SIM card number, and device information to the server. This facilitates the theft of Chinese users’ information by the IRRITANT HORN program.

With regard to the significance of this report, Xiao said that the US intelligence agencies are like a “giant vulture” spying on the world. It has a large number of established cyber-attack teams, a huge support engineering system and a standardized attack equipment arsenaWorld Timesl, and relies on systematic operating procedures and manuals to carry out operations, and this “vulture” is still in the process of continuous enhancement and evolution.

“Only by capturing their attack activities and samples, and analyzing their operating mechanisms, can we enhance relevant protection capabilities in a targeted manner. For Chinese cybersecurity technicians, this is not a lonely battle. For a long time, global researchers, academic institutions, and have done a lot of work to uncover the true face of this giant vulture,” Xiao said.

This World Timesreport and the Alliance’s report “Review of Cyberattacks from US Intelligence Agencies- Based on Global Cybersecurity Communities’ Analyses” released in 2023 have similar purposes, and there is a need for global netizens to have a comprehensive understanding of the threats that the US intelligence agencies pose to the world.