A version of this story appeared in the daily Threat Status newsletter from The Washington Times. Click here to receive Threat Status delivered directly to your inbox each weekday.
The Secret Service disabled a malicious telecommunications network in and around New York City that officials said posed a major threat to President Trump and other leaders and diplomats at the U.N. General Assembly meetings this week.
A joint investigation involving the Secret Service, the Department of Homeland Security and various law enforcement agencies uncovered 300 SIM servers and 100,000 SIM cards across five sites, the Secret Service said Tuesday. The Secret Service said it was the largest seizure of its kind in the agency’s history.
Investigators said the illicit network of sites could send more than 30 million text messages per minute and facilitated encrypted and anonymous communications of malicious foreign actors and criminals.
The sites could have been used to disable cellphone towers, disrupt communications among first responders by launching denial of service attacks, eavesdrop on private conversations and send anonymous threatening messages.
The agency reported that the operation was well-funded, could send text messages nationwide “within 12 minutes,” and had the potential to cripple New York City’s telecommunications system.
“The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated,” Secret Service Director Sean Curran wrote. “The U.S. Secret Service’s protective mission is all about prevention, and this investigation makes it clear to potential bad actors that imminent threats to our protectees will be immediately investigated, tracked down and dismantled.”
SEE ALSO: Trump to confront U.N. with peace-through-strength message, forge deals on sidelines
The network was dismantled over the past three weeks as a result of a monthlong investigation into a series of anonymous threats to three U.S. officials: one in the Secret Service and two who worked in the White House. Investigators connected the sites to the threats.
Authorities implied that early analysis showed the network targeted U.S. officials. Citing privacy concerns, they declined to reveal the officials’ names.
Experts caution that similar malicious telecommunication sites could be significantly more difficult to identify without any link to a crime. Matt Pearl, director of the Strategic Technologies Program at the Center for Strategic and International Studies, said additional undetected sites may be operating in sensitive areas.
“The real implication for me is essentially that this is going to be very hard to detect,” Mr. Pearl said. “If they have a bunch of this equipment sitting in apartment buildings near military bases or wherever, it’s going to be very hard to detect and know about it if it’s not being used yet, if it is just being sort of warehoused for a future operation.”
The network sites were within 35 miles of the U.N. headquarters, where global leaders are meeting for the annual General Assembly. Mr. Trump spoke to the leaders Tuesday morning, with several high-profile U.S. officials in attendance.
“The timing, the location, the proximity of this network had the potential to impact the United Nations, and that was clear and something that we had to consider,” Matt McCool, Secret Service special agent in charge, said in a video.
Secret Service officials said they were still combing through troves of SIM card data. Officials reported that the network’s SIM cards were connected to at least one foreign power and parties known to U.S. law enforcement, including members of drug cartels and human trafficking organizations. Authorities have not announced any arrests in connection with the sites.
Investigators found miscellaneous cellphones and computers, firearms and 80 grams of cocaine at the site, implying a connection between the network and international drug cartels.
A former U.S. intelligence community official told The Washington Times that drug cartels may have used the sites to intercept law enforcement or federal government agency communications in the area, suggesting that the network had nothing to do with the world leaders attending the General Assembly.
The former official said a foreign government could have concealed its involvement by hiring criminals on the dark web.
“You just look at some of the behaviors of Russia and China over the past five years, in this gray zone area, they go on the dark web, and they find some criminals and hire them. There’s no state fingerprints on it,” the official said.
Secret Service officials said the investigation into the network is continuing under the leadership of the agency’s newly established Advanced Threat Interdiction Unit and Homeland Security Investigations.
Officials declared that the sites no longer pose a serious security threat to New York, but Mr. McCool said it would be foolish to think other sites are not operating nationwide.
The New York sites could have given foreign intelligence networks an opportunity to gauge the response of U.S. law enforcement. Dan Hoffman, a former CIA clandestine service officer and Washington Times columnist, said that whoever is behind the network is sending a dangerous message.
“China, North Korea, Russia would certainly want to demonstrate to us that they have this capability to make things go bad for us,” he said. “It’s also a probe. Tactically, you learn about how we responded to this. Maybe they wanted to keep it a secret. Maybe they realized it wouldn’t stay that way, and they’re probing our response so that the next time they can do it better and stand a better chance of not being detected.”
• Vaughn Cockayne can be reached at vcockayne@washingtontimes.com.
Please read our comment policy before commenting.