The real spyware threat could be in your pocket



U.S. intelligence agencies are on high alert after CNN reported that Iran is actively preparing cyberattacks aimed at critical government and military infrastructure. But the real threat may already be inside the wire — not from foreign hackers at a keyboard, but from mobile phones unknowingly or deliberately carried into the nation’s most sensitive facilities.

The devices we carry every day are now among our greatest national security vulnerabilities.

In 2025, secrets aren’t stolen with a crowbar. They’re stolen with an app.

Despite years of post-9/11 investments in hardened infrastructure, the federal government has been remiss in investing in a sensor network to keep pace with the risks of wireless technology now embedded in daily life.

When the first iPhone was introduced in 2007, it ushered in a new era of hyper-connected mobility. Since then, innovation has continued to explode, bringing countless benefits but also exposing serious vulnerabilities.

Our most secure government facilities are wide open to wireless threats.

Today, up to 90% of secure government facilities rely on little more than the honor system and self-reporting to keep unauthorized wireless devices — mobile phones, smartwatches, rogue transmitters — out of sensitive compartmented information facilities, special access program facilities, and other high-security zones. In an era of Pegasus spyware and remote malware, this should be viewed as national security malpractice.

Portable security risks

The modern smartphone is a traitor’s dream — portable, powerful, and everywhere. It records audio and video, it transmits data instantaneously via Wi-Fi, Bluetooth, and cellular networks, and it connects to everything — from commercial clouds to encrypted chat apps. And yet these devices are routinely brought into facilities housing classified intelligence data, most often undetected and without consequence.

Take the case of Asif W. Rahman, a former CIA analyst who held a top-secret security clearance and was recently sentenced to three years in federal prison for photographing classified information and transmitting it to unauthorized recipients, who then posted the material to social media. Snapping and sharing photos of classified government documents using a smartphone is stunningly simple, with no high-tech espionage or daring break-ins required.

Every week offers new examples like this. People inside the Department of Defense and State Department have been caught photographing screens, copying documents, and walking classified data right out the door. These are crimes of opportunity, enabled by lax enforcement and outdated security measures.

If a wireless intrusion detection system were in place, the device would have triggered an alert and stopped these breaches before they became major national security failures.

Exploiting our weaknesses

Now, with Iran probing for cyber vulnerabilities, the risk of insiders being exploited or coerced into facilitating digital breaches through personal devices has never been higher. And it can happen without a trace if the right wireless defenses aren’t in place.

In 2023, the secretary of defense issued a memo directing all Defense Department offices to install wireless intrusion detection systems to monitor unauthorized devices. The technology works. It detects any device that emits a wireless signal — such as phones, smartwatches, or even printers with Wi-Fi — inside a restricted area. Yet the directive remains largely unfunded and unenforced.


Near-peer adversaries, terrorist groups, and criminal syndicates are exploiting wireless threats to their advantage. They don’t need sophisticated tradecraft and specialized technologies. They simply need to compromise and leverage someone with access and a phone. And with thousands of secure facilities across the country, that opportunity presents itself every day.

In light of the latest intelligence warnings, we need to fund wireless intrusion detection across all SCIFs and SAPFs and educate agency leaders on the vulnerabilities posed by modern smartphones.

We need to hold bad actors accountable — not retroactively or as part of a congressional committee hearing, but by making sure they never have the opportunity to compromise the integrity of national security in the first place.

Protecting digital secrets

The U.S. government has spent billions building concrete walls, locking doors, and implementing network-specific defenses to protect its secrets. But in 2025, secrets aren’t stolen with a crowbar; they’re stolen with an app.

Until we treat the wireless threat with the same seriousness, those secrets will remain just one text message or compromised phone away from unauthorized disclosure of highly classified information.

You can’t protect your most sensitive state secrets if you are blind to the threat. Without action, these vulnerabilities will only grow more dangerous — and more missions and lives may be put at risk.

Editor’s note: This article was originally published by RealClearDefense and made available via RealClearWire.

FBI director warns of Chinese hacking efforts to 'wreak havoc' on US critical infrastructure



FBI Director Christopher Wray told a congressional committee this week that hackers backed by the Chinese communist regime are preparing to "cripple" American infrastructure should Beijing decide "the time has come to strike."

Wray indicated in his statement to the Select Committee on the Chinese Communist Party Wednesday that the intelligence community has assessed that "China is attempting to pre-position on U.S. critical infrastructure—setting up back doors to cripple vital assets and systems in the event China invades Taiwan and therefore, limiting our ability to assist Taiwan."

"China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike," Wray told lawmakers in his oral testimony.

In one example, the FBI director noted that hackers affiliated with the Chinese military gained access to the computer networks of a major American transportation hub. Gas pipelines, the electric grid, and water treatment plants have similarly been targeted.

FBI Director Wray, in his opening statement before the Select Committee on the CCP: "The PRC has a bigger hacking program than that of every major nation combined."

Chairman Mike Gallagher (R-Wisc.) said that "this is the cyberspace equivalent of placing bombs on American bridges, water treatment facilities and power plants," reported CNN.

"There is no economic benefit for these actions. There's no pure intelligence-gathering rationale," continued Gallagher. "The sole purpose is to be ready to destroy American infrastructure, which would inevitably result in chaos, confusion and potentially mass casualties."

The U.S. has long known of efforts by state-backed Chinese hackers to compromise American systems and exploit vulnerabilities.

These efforts in cyberspace to compromise American security come amidst similarly brazen aerial and ground operations. The regime has, for instance, sent spy craft over the mainland U.S.; operated illegal police stations on American soil; threatened diplomats; and dispatched agents to execute espionage and political destabilization missions.

China does not appear to be merely posturing. The communist regime, which has been building up its military and preparing for war at a time when the U.S. military has been assessed as "weak," has made expressly clear in recent months that it intends to take the island nation of Taiwan. In the face of significant demographic, economic, and social troubles at home, the communist regime may increasingly see such a military adventure as an opportunity to change its fate and fortune.

"[Communist China] represents the defining threat of this era," said Wray. "There is no country that presents a broader, more comprehensive threat to our ideas, our innovation, our economic security, and, ultimately, our national security."

Wray also expressed concerns about the use of TikTok by the Chinese regime to "control data collection on millions of users, which can be used for all sorts of intelligence operations or influence operations."

Beyond collecting data on Americans and pushing influence operations, the FBI director indicated TikTok gives Beijing the ability "to control the software on millions of devices, which means the opportunity to technically compromise millions of devices."


Gen. Paul Nakasone, the head of the National Security Agency, told lawmakers, "We need to have a vigilance that continues onward."

"This is not an episodic threat that we're going to face. This is persistent," added Nakasone.


Report: U.S. agencies responsible for nuclear arsenal targeted in SolarWinds cyberattack



A new report reveals that hackers were able to infiltrate the U.S. Department of Energy and the National Nuclear Security Administration, which oversees the U.S. nuclear weapons arsenal. The cyberattack against the DOE and NNSA is part of a larger espionage operation that has affected at least half a dozen federal agencies, Politico's Natasha Bertrand reports.

The Energy Department's chief information officer Rocky Campione briefed the departments about the attacks on Thursday and both agencies are now coordinating to brief members of Congress on the status of their network security.

The full extent of the cyberattack may not be known "for weeks," officials said.

From Politico:

They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than the other agencies, the officials said, but did not elaborate.

Federal investigators have been combing through networks in recent days to determine what hackers had been able to access and/or steal, and officials at DOE still don't know whether the attackers were able to access anything, the people said, noting that the investigation is ongoing and they may not know the full extent of the damage "for weeks."

Spokespeople for DOE did not immediately respond to requests for comment.

The Sandia and Los Alamos National Labs conduct atomic research related to the development of nuclear power and nuclear weapons. The Office of Secure Transportation is responsible for moving enriched uranium and other materials needed to maintain the nuclear stockpile, Politico reports. As for the attack on the Federal Energy Regulatory Commission, Politico's report speculates that it was targeted to gain information that may help malicious actors find vulnerabilities in the nation's bulk electric grid.

The report emphasizes how seriously United States national security is threatened by foreign hackers who were able to infiltrate U.S. government computer systems by compromising software from IT company SolarWinds, which has hundreds of government and private-sector clients.

In a joint statement released Wednesday, the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and Office of the Director of National Intelligence (ODNI) confirmed the existence of a "significant and ongoing cybersecurity campaign."

"This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government," the statement read.

In response to the threat, the FBI has launched investigations to "attribute, pursue, and disrupt the responsible threat actors," and CISA issued an emergency directive ordering federal civilian agencies to immediately shut down affected SolarWinds Orion products in their network.

The ODNI is coordinating a response from the U.S. Intelligence Community to share information across the United States government.