Chinese hackers and user lapses turn smartphones into a 'mobile security crisis'
FILE - A child holds an iPhone at an Apple store on Sept. 25, 2015 in Chicago. (AP Photo/Kiichiro Sato, File)
By DAVID KLEPPER
Cybersecurity investigators noticed a highly unusual software crash — it was affecting a small number of smartphones belonging to people who worked in government, politics, tech and journalism.
The crashes, which began late last year and carried into 2025, were the tipoff to a sophisticated cyberattack that may have allowed hackers to infiltrate a phone without a single click from the user.
The attackers left no clues about their identities, but investigators at the cybersecurity firm iVerify noticed that the victims all had something in common: They worked in fields of interest to China's government and had been targeted by Chinese hackers in the past.
Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses. Groups linked to China's military and intelligence service have targeted the smartphones of prominent Americans and burrowed deep into telecommunication networks, according to national security and tech experts.
It shows how vulnerable mobile devices and apps are and the risk that security failures could expose sensitive information or leave American interests open to cyberattack, those experts say.
'The world is in a mobile security crisis right now,' said Rocky Cole, a former cybersecurity expert at the National Security Agency and Google and now chief operations officer at iVerify. 'No one is watching the phones.'
U.S. authorities warned in December of a sprawling Chinese hacking campaign designed to gain access to the texts and phone conversations of an unknown number of Americans.
'They were able to listen in on phone calls in real time and able to read text messages,' said Rep. Raja Krishnamoorthi of Illinois. He is a member of the House Intelligence Committee and the senior Democrat on the Committee on the Chinese Communist Party, created to study the geopolitical threat from China.
Chinese hackers also sought access to phones used by Donald Trump and running mate JD Vance during the 2024 campaign.
The Chinese government has denied allegations of cyberespionage, and accused the U.S. of mounting its own cyberoperations. It says America cites national security as an excuse to issue sanctions against Chinese organizations and keep Chinese technology companies from the global market.
'The U.S. has long been using all kinds of despicable methods to steal other countries' secrets,' Lin Jian, a spokesman for China's foreign ministry, said at a recent press conference in response to questions about a CIA push to recruit Chinese informants.
U.S. intelligence officials have said China poses a significant, persistent threat to U.S. economic and political interests, and it has harnessed the tools of digital conflict: online propaganda and disinformation, artificial intelligence and cyber surveillance and espionage designed to deliver a significant advantage in any military conflict.
Mobile networks are a top concern. The U.S. and many of its closest allies have banned Chinese telecom companies from their networks. Other countries, including Germany, are phasing out Chinese involvement because of security concerns. But Chinese tech firms remain a big part of the systems in many nations, giving state-controlled companies a global footprint they could exploit for cyberattacks, experts say.
Chinese telecom firms still maintain some routing and cloud storage systems in the U.S. — a growing concern to lawmakers.
'The American people deserve to know if Beijing is quietly using state-owned firms to infiltrate our critical infrastructure,' U.S. Rep. John Moolenaar, R-Mich. and chairman of the China committee, which in April issued subpoenas to Chinese telecom companies seeking information about their U.S. operations.
Mobile devices can buy stocks, launch drones and run power plants. Their proliferation has often outpaced their security.
The phones of top government officials are especially valuable, containing sensitive government information, passwords and an insider's glimpse into policy discussions and decision-making.
The White House said last week that someone impersonating Susie Wiles, Trump's chief of staff, reached out to governors, senators and business leaders with texts and phone calls.
It's unclear how the person obtained Wiles' connections, but they apparently gained access to the contacts in her personal cellphone, The Wall Street Journal reported. The messages and calls were not coming from Wiles' number, the newspaper reported.
While most smartphones and tablets come with robust security, apps and connected devices often lack these protections or the regular software updates needed to stay ahead of new threats. That makes every fitness tracker, baby monitor or smart appliance another potential foothold for hackers looking to penetrate networks, retrieve information or infect systems with malware.
Federal officials launched a program this year creating a 'cyber trust mark' for connected devices that meet federal security standards. But consumers and officials shouldn't lower their guard, said Snehal Antani, former chief technology officer for the Pentagon's Joint Special Operations Command.
'They're finding backdoors in Barbie dolls,' said Antani, now CEO of Horizon3.ai, a cybersecurity firm, referring to concerns from researchers who successfully hacked the microphone of a digitally connected version of the toy.
It doesn't matter how secure a mobile device is if the user doesn't follow basic security precautions, especially if their device contains classified or sensitive information, experts say.
Mike Waltz, who departed as Trump's national security adviser, inadvertently added The Atlantic's editor-in-chief to a Signal chat used to discuss military plans with other top officials.
Secretary of Defense Pete Hegseth had an internet connection that bypassed the Pentagon's security protocols set up in his office so he could use the Signal messaging app on a personal computer, the AP has reported.
Hegseth has rejected assertions that he shared classified information on Signal, a popular encrypted messaging app not approved for the use of communicating classified information.
China and other nations will try to take advantage of such lapses, and national security officials must take steps to prevent them from recurring, said Michael Williams, a national security expert at Syracuse University.
'They all have access to a variety of secure communications platforms,' Williams said. "We just can't share things willy-nilly.'
© Copyright 2025 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Japan Today
2 hours ago
- Japan Today
Apple plays it safe on AI despite Wall Street pressure
By Glenn CHAPMAN and Alex PIGMAN Apple on Monday remained on its cautious path to embracing generative AI even as rivals race ahead with the technology and Wall Street expresses doubts over its strategy. The pressure was on Apple not to disappoint at its annual Worldwide Developers Conference (WWDC) a year after the iPhone juggernaut made a promise it failed to keep -- to improve its Siri voice assistant with generative AI. The annual WWDC is addressed to developers who build apps and tools to run on the company's products. Despite last year's disappointment, Apple insisted on Monday it was still very much in the AI race, announcing incremental updates to its Apple Intelligence software, including the ability for app makers to directly access a device's AI capabilities. This would allow users to engage with apps using generative AI while offline, letting them interact ChatGPT-style with a hiking app, for example, while in remote areas without a connection. Apple CEO Tim Cook briefly mentioned that Siri's AI makeover was still under development and "needed more time to meet our high quality bar," which includes Apple's standards on privacy and data security. "We are making progress, and we look forward to getting these features into customers' hands," he added. For Gadjo Sevilla, senior analyst for Emarketer, "the delays to Apple's in-house AI efforts will continue to draw scrutiny." "Especially since rivals like Google and Samsung are moving ahead by introducing new on-device AI capabilities, or partnering with AI startups like Perplexity (in Samsung's case) to provide users with AI features," he added. The biggest announcement at the event was the renaming of Apple's operating systems so that releases better match their release year. The next operating system will be iOS 26 and will be available across all of Apple's devices -- including the Mac, Watch and Vision Pro headset -- in the fall, in time for the likely release of the next iPhone 17. Today, Apple's operating systems have vastly different nomenclatures across devices, including the current iOS 18 for the iPhone or macOS 15 for Mac computers. Apple also announced that the new operating system will be the first major iOS redesign since 2013, calling the new look "Liquid Glass." The relationship between Apple and app-making developers has been strained in recent years, with developers chafing at the iPhone maker's high fees for getting access to the App Store. A marathon lawsuit by Fortnite maker Epic Games ended with Apple being ordered to allow outside payment systems to be used in the U.S. App Store. Adding to doubts about Apple's direction is the fact that the legendary designer behind the iPhone, Jony Ive, has joined with ChatGPT maker OpenAI to create a potential rival device for engaging with AI. Apple also has to deal with tariffs imposed by President Donald Trump in his trade war with China, a key market for sales growth and the place where most iPhones are manufactured. Trump has also threatened to hit Apple with tariffs if iPhone production wasn't moved to the US, a change which analysts say would be impossible given the costs and capabilities required. Wall Street analysts remain divided on Apple's prospects, with the stock down about 17 percent since the start of the year, wiping over $600 billion from its market value and far outshone by its Big Tech rivals. While some analysts remain optimistic about Apple's long-term AI monetization potential, others worry the company's cautious approach may prove costly in the longer term. WWDC "was void of any major Apple Intelligence progress as Cupertino is playing it safe and close to the vest after the missteps last year," said Dan Ives of Wedbush Securities. "We have a high level of confidence Apple can get this right, but they have a tight window to figure this out," he added. © 2025 AFP
Japan Today
3 hours ago
- Japan Today
Chinese hackers and user lapses turn smartphones into a 'mobile security crisis'
FILE - A child holds an iPhone at an Apple store on Sept. 25, 2015 in Chicago. (AP Photo/Kiichiro Sato, File) By DAVID KLEPPER Cybersecurity investigators noticed a highly unusual software crash — it was affecting a small number of smartphones belonging to people who worked in government, politics, tech and journalism. The crashes, which began late last year and carried into 2025, were the tipoff to a sophisticated cyberattack that may have allowed hackers to infiltrate a phone without a single click from the user. The attackers left no clues about their identities, but investigators at the cybersecurity firm iVerify noticed that the victims all had something in common: They worked in fields of interest to China's government and had been targeted by Chinese hackers in the past. Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses. Groups linked to China's military and intelligence service have targeted the smartphones of prominent Americans and burrowed deep into telecommunication networks, according to national security and tech experts. It shows how vulnerable mobile devices and apps are and the risk that security failures could expose sensitive information or leave American interests open to cyberattack, those experts say. 'The world is in a mobile security crisis right now,' said Rocky Cole, a former cybersecurity expert at the National Security Agency and Google and now chief operations officer at iVerify. 'No one is watching the phones.' U.S. authorities warned in December of a sprawling Chinese hacking campaign designed to gain access to the texts and phone conversations of an unknown number of Americans. 'They were able to listen in on phone calls in real time and able to read text messages,' said Rep. Raja Krishnamoorthi of Illinois. He is a member of the House Intelligence Committee and the senior Democrat on the Committee on the Chinese Communist Party, created to study the geopolitical threat from China. Chinese hackers also sought access to phones used by Donald Trump and running mate JD Vance during the 2024 campaign. The Chinese government has denied allegations of cyberespionage, and accused the U.S. of mounting its own cyberoperations. It says America cites national security as an excuse to issue sanctions against Chinese organizations and keep Chinese technology companies from the global market. 'The U.S. has long been using all kinds of despicable methods to steal other countries' secrets,' Lin Jian, a spokesman for China's foreign ministry, said at a recent press conference in response to questions about a CIA push to recruit Chinese informants. U.S. intelligence officials have said China poses a significant, persistent threat to U.S. economic and political interests, and it has harnessed the tools of digital conflict: online propaganda and disinformation, artificial intelligence and cyber surveillance and espionage designed to deliver a significant advantage in any military conflict. Mobile networks are a top concern. The U.S. and many of its closest allies have banned Chinese telecom companies from their networks. Other countries, including Germany, are phasing out Chinese involvement because of security concerns. But Chinese tech firms remain a big part of the systems in many nations, giving state-controlled companies a global footprint they could exploit for cyberattacks, experts say. Chinese telecom firms still maintain some routing and cloud storage systems in the U.S. — a growing concern to lawmakers. 'The American people deserve to know if Beijing is quietly using state-owned firms to infiltrate our critical infrastructure,' U.S. Rep. John Moolenaar, R-Mich. and chairman of the China committee, which in April issued subpoenas to Chinese telecom companies seeking information about their U.S. operations. Mobile devices can buy stocks, launch drones and run power plants. Their proliferation has often outpaced their security. The phones of top government officials are especially valuable, containing sensitive government information, passwords and an insider's glimpse into policy discussions and decision-making. The White House said last week that someone impersonating Susie Wiles, Trump's chief of staff, reached out to governors, senators and business leaders with texts and phone calls. It's unclear how the person obtained Wiles' connections, but they apparently gained access to the contacts in her personal cellphone, The Wall Street Journal reported. The messages and calls were not coming from Wiles' number, the newspaper reported. While most smartphones and tablets come with robust security, apps and connected devices often lack these protections or the regular software updates needed to stay ahead of new threats. That makes every fitness tracker, baby monitor or smart appliance another potential foothold for hackers looking to penetrate networks, retrieve information or infect systems with malware. Federal officials launched a program this year creating a 'cyber trust mark' for connected devices that meet federal security standards. But consumers and officials shouldn't lower their guard, said Snehal Antani, former chief technology officer for the Pentagon's Joint Special Operations Command. 'They're finding backdoors in Barbie dolls,' said Antani, now CEO of a cybersecurity firm, referring to concerns from researchers who successfully hacked the microphone of a digitally connected version of the toy. It doesn't matter how secure a mobile device is if the user doesn't follow basic security precautions, especially if their device contains classified or sensitive information, experts say. Mike Waltz, who departed as Trump's national security adviser, inadvertently added The Atlantic's editor-in-chief to a Signal chat used to discuss military plans with other top officials. Secretary of Defense Pete Hegseth had an internet connection that bypassed the Pentagon's security protocols set up in his office so he could use the Signal messaging app on a personal computer, the AP has reported. Hegseth has rejected assertions that he shared classified information on Signal, a popular encrypted messaging app not approved for the use of communicating classified information. China and other nations will try to take advantage of such lapses, and national security officials must take steps to prevent them from recurring, said Michael Williams, a national security expert at Syracuse University. 'They all have access to a variety of secure communications platforms,' Williams said. "We just can't share things willy-nilly.' © Copyright 2025 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
Japan Today
3 hours ago
- Japan Today
Canada plans to hit NATO spending target early and reduce reliance on U.S. defense, Carney says
Canada Prime Minister Mark Carney speaks to service personnel after making an announcement as he visits Fort York Armoury in Toronto, Canada, on Monday, June 9, 2025. (Chris Young/The Canadian Press via AP) By ROB GILLIES Canada will meet NATO's military spending guideline by early next year and diversify defense spending away from the United States, Prime Minister Mark Carney said Monday, asserting that Washington no longer plays a predominant role on the world stage. The announcement means Canada will achieve NATO's spending target of 2% of gross domestic product five years earlier than previously planned. 'Our military infrastructure and equipment have aged, hindering our military preparedness," Carney said. 'Only one of our four submarines is seaworthy. Less than half of our maritime fleet and land vehicles are operational. More broadly, we are too reliant on the United States.' According to NATO figures, Canada was estimated to be spending 1.33% of GDP on its military budget in 2023, below the 2% target that NATO countries have set for themselves. Canada previously said it was on track to meet NATO's target by the end of the decade. 'Our goal is to protect Canadians, not to satisfy NATO accountants,' Carney said in a speech at the University of Toronto. Canada is about to host U.S. President Donald Trump and other leaders at a summit of the Group of Seven leading industrialized nations in Alberta on June 15-17, and before the NATO summit in Europe. NATO allies are poised to increase the commitment well beyond the 2% target. NATO Secretary-General Mark Rutte said last week that most U.S. allies at NATO endorse Trump's demand that they invest 5% of gross domestic product on their defense needs and are ready to ramp up security spending even more. "We are meeting 2%. And that is the NATO target as it is today,' Carney said at a later news conference. 'We will need to spend more.' He said there will be discussions on the increased spending amount and its timeline at the NATO summit. Carney has said he intends to diversify Canada's procurement and enhance the country's relationship with the EU. 'We should no longer send three-quarters of our defense capital spending to America,' Carney said in a speech at the University of Toronto. 'We will invest in new submarines, aircraft, ships, armed vehicles and artillery, as well as new radar, drones and sensors to monitor the seafloor and the Arctic.' Canada has been in discussions with the European Union to join an EU drive to break its security dependency on the United States, with a focus on buying more defense equipment, including fighter jets, in Europe. Carney's government is reviewing the purchase of U.S. F-35 fighter jets to see if there are other options. 'We stood shoulder to shoulder with the Americans throughout the Cold War and in the decades that followed, as the United States played a predominant role on the world stage. Today, that predominance is a thing of the past,' Carney said in French, one of Canada's official languages. He added that with the fall of the Berlin Wall in 1989, the United States became the global hegemon, noting that its strong gravitational pull became virtually irresistible and made the U.S. 'our closest ally and dominant trading partner.' 'Now the United States is beginning to monetize its hegemony: charging for access to its markets and reducing its relative contributions to our collective security,' Carney said. Carney later said at the news conference that it was 'understandable' that the U.S. is providing a lower degree of security. 'So we are stepping up,' he said. Trump's calls to make Canada the 51st U.S. state have infuriated Canadians, and Carney won the job of prime minister after promising to confront the increased aggression shown by Trump. The prime minister said "a new imperialism threatens.' 'Middle powers compete for interests and attention, knowing that if they are not at the table, they will be on the menu," Carney said during his speech. Carney said the long-held view that Canada's geographic location will protect Canadians is increasingly archaic. European allies and Canada have already been investing heavily in their armed forces, as well as on weapons and ammunition, since Russia launched a full-scale invasion of Ukraine on Feb. 24, 2022. © Copyright 2025 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
