DHS has expressed concern over suspicious cell phone activity in the Washington, D.C. area indicating that a “rogue entity” is surveying the communications of government officials and foreign diplomats, according to documents first reviewed by the Washington Free Beacon.
The suspicious activity indicates a “rogue entity” may have assumed control over entire cell phone towers, allowing it to clone mobile devices, introduce malware onto mobile devices to facilitate spying, and directly track the geographic location of phones used by government employees.
The information was revealed by documents and insiders from a program known as ESD Overwatch, which monitors cell phone towers for anomalies on behalf of the Department of Homeland Security.
“The ESD Overwatch network security system is the world’s first system capable of distributed detection, localization, alarming and neutralization of active attacks on mobile communications via the air interface,” the program’s website said.
“ESD Overwatch enables Signal Security, and counter intelligence operators and authorities to eliminate illegal use of IMSI catchers.”
ESD America, which runs Overwatch, indicated a cell phone carrier has experienced “unlawful access to their network for the purpose of large scale subscriber tracking.”
“The attack was first seen in D.C. but was later seen on other sensors across the USA,” said one source. “A sensor located close to the White House and another over near the Pentagon have been part of those that have seen this tracking.”
The Office of Public Affairs at DHS confirmed that ESD Overwatch has been operating under a 90-day pilot program that began on January 18.
“The Overwatch system is part of a 90-day pilot that was initiated on January 18, 2017. The Overwatch System is managed by DHS, through ESD America Inc., a defense and law enforcement technology provider that provides technical security assistance to government and corporate clients,” DHS said.
The cyber attack on the cell carrier’s network is reportedly still ongoing.
While there is no clear indication as to who is responsible for the cyber attack, experts noted that the level of sophistication and the amount of time involved in planning the attack indicate it is most likely a state-level actor.