Mobile Threat Intelligence Reports

FAR FROM HOME - FOREIGN SURVEILLANCE threat INTELLIGENCE

Far From Home is a ground-breaking mobile threat intelligence report providing a comprehensive vision into foreign surveillance attacks and cyber espionage threat activity against US mobile phones. The intelligence reports expose 3 years of active surveillance operations targeting US mobile users, where years of mobile network exploitations have resulted into exposing user location and communications. The reports feature global rankings to reveal source countries and network operators originating the attacks. Featuring live attack traces, global attack heat maps and deep insights into operations from networks in China, Russia and the Middle East, these reports are the culmination of independent expert investigations into attack data from state sponsors and organized crime entities against mobile users on 3G and 4G networks.

Far From Home - Foreign Attacks of US Mobile Users 2018-2019

Far From Home Threat Intelligence Report provides details of foreign cyber threats sourced from mobile networks during 2018-2019. It includes key themes, targeting classifications, surveillance methods employed, forward-looking risk assessments and a breakdown of 3G and 4G attack rankings. Additional insights are provided into threats from China, Russia and Eastern European networks as well as Palestine.

Far from Home - Part 2 Threat Intelligence - Technical Supplement and 2020 Analysis report provides an update and deep dive into the techniques used by foreign networks in active surveillance attacks, with an analysis of espionage-related attacks from foreign sources using 3G and 4G. Also provided are never before seen traces of live attacks from China, Greece, Mexico and Palestine, deep investigations into mobile threat trend activity and key attack observations with current source statistics in 2020.

Far-From-Home_Intel-RP_2018-2019_B (pdf)

Download

Far-From-Home-Intel-RP-2_2020 (pdf)

Download

Far From Home - threat intelligence report highlights

Exigent Media Foreign Surveillance Report

Foreign Surveillance Activity of US Mobile Users is Massive in Scale

Millions of attack transactions take place on a monthly basis. Massive volumes of threat activity have occurred for years and continues to this day.

Allies, Adversaries and Neutral Countries Participate in Espionage Attempts Targeting US Phones

Surveillance operations against US mobile users is not limited to traditional adversaries. Allied and neutral countries are also active participant sources where mobile networks are used to monitor US phone locations and communications.

Detecting Surveillance Activity is Easier Than Preventing It

Security firewalls provide detection and prevention of attacks. However, many network operators use conservative prevention approaches to reduce the risks of potentially disrupting international roaming service.

Attacks Take Place on Both 3G and 4G Networks

Mobile devices use 3G and 4G networks simultaneously. Threat actors exploit this technology to increase the success rates of attacks. In 2020, attackers are adapting to favor 4G attack vectors which poses greater risks to 5G networks.

Attacks are Coordinated Between Foreign Country Network Operators

Countries are observed attacking the same mobile users with similar attack methods. Attacks sources from multiple Caribbean countries were observed with indications of network selling for conducting intelligence operations.

The Lack of Security Mandates Increases Attacks From Developing Nations

Current security guidelines are not sufficient to hold networks accountable for these attacks. The lack of mandates encourages small nations to participate in the threat economy, effectively selling their network to adversaries.

More Threat Research Available

This report only reveals the surface of foreign espionage activity. If you have more details on mobile network attacks or are interested in hearing more about mobile network attack trends and insights we would love to hear from you directly at the email below.

To be provided with special access, reporters, media and NGO's should contact Exigent Media directly using the secure contact link below or send a secure email to exigentmedia@protonmail.com or request an email encryption key and we will respond ASAP.