Using mobile networks for cyber attacks as part of a warfare strategy
AdaptiveMobile Security published a research which highlights how vulnerabilities in mobile network infrastructure could be weaponized in offensive military operations.
Setting out how the combination of military and mobile telecom-enabled targeting capabilities can create a battlefield advantage; the paper illustrates the consistency of such a model with the concept of hybrid warfare.
It was observed that a mobile network threat actor designated as ‘HiddenArt’ actively sustains a capacity to remotely access the personal devices of targeted individuals around the world on an ongoing basis. Since detecting this threat actor, periodic reconnaissance activities were observed in at least 7 target mobile networks around the world and given the wide geographic distribution of these targeted mobile operators, it is probable that the threat actor is active on a global scale.
“Malicious mobile network signalling attacks must be recognized as a state-level cyber threat to individual nations as well as to collective security, and an integral component of hybrid warfare”, says Cathal McDaid, CTO, AdaptiveMobile Security.
“Given that mobile networks are part of the critical national infrastructure of a state, we aim to highlight the increasingly profound implications of vulnerabilities in telecom network infrastructure for the security and stability of societies, economies, and states.”
The paper demonstrates that malicious mobile network signalling attacks carry the potential to pose a significant national security threat to any country whose citizens are targeted over mobile networks when executed by a threat actor with the overall capability, persistence, and aggressiveness exhibited by ‘HiddenArt’.
These attacks can become extremely impactful when used as part of a hybrid warfare strategy and could be deployed in a range of scenarios, including targeting of military personnel, interception of civilian communications and disruption of national mobile networks.
“In the cybersecurity world, trust in the restraint of a potential attacker is not an option. We are releasing this paper and highlighting these security risks with the intent of drawing the attention of the international community and to deter potential attack activity”, says Rowland Corr, Director of National Security Intelligence, AdaptiveMobile Security. “All states that are serious about national security need to prepare and protect from similar attacks on their critical communications infrastructure.”