{"id":234855,"date":"2026-04-23T15:22:00","date_gmt":"2026-04-23T19:22:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/23\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/"},"modified":"2026-04-23T16:25:14","modified_gmt":"2026-04-23T20:25:14","slug":"surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/23\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/","title":{"rendered":"Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/\">Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/\">https:\/\/cyberscoop.com\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-23 15:22:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Campaigns employing commercial surveillance vendors tracked targets by exploiting mobile phone network vulnerabilities in what researchers said Thursday was the first-ever linking of \u201creal-world attack traffic to mobile operator signalling infrastructure.\u201d<\/p>\n<p>The two unknown parties behind the campaigns mimicked the identities of mobile phone operators with customized surveillance tools, and manipulated signaling protocols and steered traffic through network pathways to hide, according to research from the University of Toronto\u2019s Citizen Lab.<\/p>\n<p>\u201cOur findings highlight a systemic issue at the core of global telecommunications: operator infrastructure designed to enable seamless international connectivity is being leveraged to support covert surveillance operations that are difficult to monitor, attribute, and regulate,\u201d a report published Thursday reads.<\/p>\n<p>\u201cDespite repeated public reporting, this activity continues unabated and without consequence,\u201d Gary Miller and Swantje Lange wrote for Citizen Lab. \u201cThe continued use of mobile networks, built on a close inter-operator trust model and relied upon by users worldwide, raises broader questions for national regulators, policymakers, and the telecom industry about accountability, oversight, and global security.\u201d<\/p>\n<p>The attackers relied on identifiers and infrastructure associated with operators around the world, including networks based in Cambodia, China, the self-governing Island of Jersey, Israel, Italy, Lesotho, Liechtenstein, Morocco, Mozambique, Namibia, Poland, Rwanda, Sweden, Switzerland, Thailand, Uganda and the United Kingdom.<\/p>\n<p>They shifted between SS7 and Diameter protocols, the signalling protocols known for 3G and 4G\/most of 5G, respectively, according to the report. While Diameter was meant to be more secure than SS7, the Federal Communications Commission in 2024 opened a probe into both its vulnerabilities and SS7\u2019s, and Sen. Ron Wyden, D-Ore., has asked for a&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities https:\/\/cyberscoop.com\/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities\/ Publish Date: 2026-04-23&#8230;<\/p>\n","protected":false},"author":1,"featured_media":234856,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/04\/GettyImages-2214899116.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31],"class_list":["post-234855","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234855"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=234855"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234855\/revisions"}],"predecessor-version":[{"id":234857,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234855\/revisions\/234857"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/234856"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=234855"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=234855"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=234855"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}