By: Staff Writer
December 25, 2020
Telecommunications providers in the Spanish speaking Caribbean and Central American region are being hacked into by Chinese agents too, says security expert.
Gary Miller, a Washington state-based former mobile network security executive, who recently came forward to reveal that the Chinse government has been hacking into telecommunications networks in the Caribbean through Cable & Wireless (C&W) owned BTC and Flow in The Bahamas ad Barbados respectively, told Caribbean Magazine Plus that “Puerto-Rico and Colombia” are at risk too.
Mr Miller said when asked about what other countries in the Caribbean and Central American region are at risk along with The Bahamas and Barbados, “There are specific countries in the Latin American region, like Mexico, Puerto Rico one recently in Colombia.”
“There are specific countries that have been involved, but it’s the Caribbean from a volumetric perspective that is more at risk. Island countries are, are, are more frequently used in high volume practices, and that indicates that a lot of these mobile titles are being sold and resold and used on a on a regular and massive basis.”
Essentially, any operator that uses the SS7 networking system is at risk of being hacked into by an entity with the capabilities to do so, in this instance it just appears to be a Chinese entity Mr Miller exclaimed.
Reconfirming the weakness of the C&W network in their use of the SS7 system, Mr Miller said: “The system is extremely weak and it doesn’t happen just on 3G SS7, but it happens on the 4G network as well. So that becomes more of something that that industry experts and I would say regulatory bodies should be really concerned about because now the vulnerabilities the 3G SS7 network we are also finding those also on the on the 4G network as well, which uses a completely different protocol, and you see combined attacks.
Mr Miller added: “They’re very likely used by state sponsors and by organized crime is.” He also said that through regular research on the internet and the “dark web”, there are entities that are offering “surveillance as a service,” and they can trace and track people down by their phone numbers and you can know where a person is, where they have been and what type of communications they are using right down to who they’re calling and at what time.
Mr Miller also said that he cannot identity the particular operators in Mexico, Puerto Rico or Colombia that have been hacked into and said, “I can identify the sources of these attacks meaning I can see a particular operator in Brazil is a source of attacks and in this month, it could be a maritime network or another network.
“So the actor behind that is difficult to identify, the attribution behind it is a bit more difficult. Now, there is research that has been done fairly recently to identify these surveillance companies that are using it and these are entities like the NSO group, the Hacking Team and Rayzone Group Ltd. There are many that are that are using SS7 networks to conduct this this type of surveillance.”
Mr Miller could not confirm to us if the Chinese agents are looking for specific cellular phone numbers or particular buzz words and phrases like the Drug Enforcement Agency (DEA) and Federal Bureau of Investigation (FBI) in the U.S. would typically do, however he did say that it could also be possible that a bulk of these hacks by the Chinese into these telecommunications networks may be as a result of them tracking down their own Chinese nationals travelling throughout the Western World, something he suspects may be a greater cause behind the hacks.
Mr Miller is cautioning American when they travel to use “pre-paid phones” as a way to keep their information and whereabouts secret when travelling through the Caribbean and Central American region until the international authorities can get a handle on this hacking situation emanating from China.