Telecommunications firms from Israel have used their infrastructure over the last three years to track mobile phone users across more than 10 countries. The surveillance was uncovered by a new investigation by Canadian digital research group Citizen Lab.

Citizen Lab, which also uncovered the ‘Pegasus‘ Israeli spyware scandal, found two separate surveillance operations. These used older 3G and 4G infrastructure and modern 5G architecture to turn mobile phones into “tracking devices” and eavesdropping tools. The organisation revealed at least 15,700 location-tracking attempts since November 2022. Countries targeted include South Africa, Norway, Democratic Republic of Congo, Thailand, Bangladesh, and Malaysia.

The surveillance used “core global telecom systems” that route calls, texts and data across networks to extract user data. The firms also used ‘SIMjacking’, involving the use of hidden SMS messages to trick devices into sharing their location.

CitizenLab concludes that current systems can no longer be trusted to keep users safe and need urgent changes to create security:

The findings in this report expose how advanced actors operationalize telecom infrastructure to carry out campaigns persisting for years without detection. Telecom networks form the backbone of global civil society, and when trust is exploited for surveillance, the consequences extend beyond individual victims to mobile users worldwide. This investigation exposes more than protocol vulnerability issues in telecommunications; it shows governance failures across the entire interconnect ecosystem used for critical mobile communications. It also demonstrates how those weaknesses enabled the use of telecommunications infrastructure as a covert surveillance platform.

The global telecom ecosystem can no longer rely on legacy trust models. Without authentication, enforceable interconnect controls, transparency in commercial network access, and regulatory accountability, mobile networks will continue to serve as a global platform for covert espionage.

This surveillance is far from a one-off. All Samsung phones — at least in certain regions — contain ‘unremovable’ Israeli spyware. Apple sued Pegasus creator NSO for targeting users of its products. Police in Northern Ireland have admitted using Israeli spyware against UK citizens. Israel has bugged and sabotaged mobile phones to explode in Gaza and, notoriously, murdered and maimed thousands of people in Lebanon using exploding pagers and radios.

Israel sold the Pegasus spyware programme to oppressive governments globally. It was used in the murder of Saudi journalist Jamal Khashoggi.

Featured image via PublicCitizen

By Skwawkbox

From Canary via This RSS Feed.