
Who is spying on communications in the Washington area? A rogue state is suspected of mass surveillance

US authorities have uncovered surveillance activity, allegedly run by a rogue entity, that is tracking the phones of Government officials and foreign diplomats.

Something very strange has happened in the Washington, D.C., region: experts noticed an unusual amount of highly suspicious cellphone activity. The fear is that a rogue actor is attempting to spy on the communications of numerous individuals, including US Government officials and foreign diplomats.

The news was reported by the Washington Free Beacon, which reviewed sensitive documents regarding the issue and interviewed security insiders. The level of sophistication of the attacks suggests the involvement of a foreign nation-state actor.

“The authorities observed a large spike in suspicious activity on a major U.S. cellular carrier, which has raised red flags in the Department of Homeland Security and prompted concerns that cellphones in the region are being tracked,” reads the article published by the Free Beacon. “Such activity could allow pernicious actors to clone devices and other mobile equipment used by civilians and government insiders, according to information obtained by the Free Beacon.”

According to the Free Beacon, the attackers siphoned a huge amount of location data from a U.S. cellular carrier, gaining control of several cell phone towers in the area.


The activity was spotted by a program known as ESD Overwatch, which monitors cell tower activity for anomalies; the software is supported by DHS and ESD America.

According to a report prepared by ESD Overwatch, a contractor working on behalf of DHS, the data gathered by the program shows that the U.S. cell carrier has experienced “unlawful access to their network for the purpose of large scale subscriber tracking.”

“Cell phone information gathered by the program shows major anomalies in the D.C.-area indicating that a third-party is tracking en-masse a large number of cellphones. Such a tactic could be used to clone phones, introduce malware to facilitate spying, and track government phones being used by officials in the area,” continues the Free Beacon.

“The attack was first seen in D.C. but was later seen on other sensors across the USA,” according to one source familiar with the situation. “A sensor located close to the White House and another over near the Pentagon have been part of those that have seen this tracking.”

The threat actor is trying to identify and track cellphones when they connect to cellphone towers. The DHS’s Office of Public Affairs confirmed that the ESD Overwatch program was used in a 90-day pilot program that began Jan. 18.

There is also another disconcerting aspect of the story: is this the first time a threat actor has launched a surveillance campaign of this kind?

According to the Free Beacon, there is no clear answer to that question: “before the [ESD Overwatch program] surveillance program was initiated the federal government did not have a method to detect intrusions of the nature seen over the past several months.”

An official with ESD Overwatch confirmed the existence of the DHS program.

The surveillance of US cellular communications has been a top concern in Congress; on Wednesday, lawmakers asked DHS for information on the countermeasures in place to prevent foreign threat actors from spying on communications.


Pierluigi Paganini

(Security Affairs – cyber espionage, surveillance)


Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and the Cyber G7 Group; he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field and is a Certified Ethical Hacker (EC-Council, London). A passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for the US. Pierluigi is a member of "The Hacker News" team and writes for major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and many other security magazines. He is the author of the books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.
