The digital battle lines are being redrawn. Cyber threats are no longer confined to hacked servers or ransomware incidents affecting corporate networks. They have migrated to the devices in our hands and pockets. Mobile espionage is accelerating in speed, scope, and sophistication, forcing organizations to confront a difficult reality: significant vulnerabilities now lie in everyday communication tools.
At the recent Military Communications and Information Systems (MilCIS) conference in Australia, the discussion centered on the need for a critical shift in the security landscape. The security of communications is slipping away faster than many governments can respond. The methods attackers use today echo threats battled for centuries, including, undermining identity, authenticity, and the integrity of information.
The Timeless Challenge of Identity and Provenance
In 1790, Thomas Jefferson commissioned a Bordeaux winery to etch his and George Washington’s initials onto their wine crates. This was a crude but effective form of identity verification, implemented centuries before biometrics or digital authentication. Jefferson understood that without proof of provenance, the asset was vulnerable to theft or substitution.
Centuries later, billionaire collector Bill Koch spent a fortune acquiring those same "Jefferson bottles," only to discover they were frauds. Despite modern forensic tools, identity and provenance remain shockingly easy to fake. This saga illustrates a timeless truth relevant to modern cybersecurity: identity, not just encryption, is often the weakest link.
Encryption is meaningless if you cannot trust the person on the other end of the line. When the identity behind a message or voice call is untrustworthy, security evaporates, regardless of how advanced the cryptographic safeguards may be.
The Record-Keeping Imperative
Identity security overlaps closely with accountability. Other historical figures like John Tyler’s son helped establish early preservation acts in the 1850s because they recognized that societies depend on accurate, protected information. Today, record-keeping remains critical but has become infinitely more complex.
Governments must balance privacy, secure storage, chain of custody, and auditability. However, as the majority of communication shift to mobile platforms and consumer-grade applications, the cracks in this foundation are beginning to show.
Salt Typhoon and the Era of Persistent Infiltration
In 2024, the cybersecurity community identified Salt Typhoon, a long-running infiltration that compromised major telecom networks globally. In less than 12 months, exploits associated with this campaign spread to 80 countries, affecting 600 companies and 200 telecommunications providers.
The implications for secure communications for government are staggering:
- Vulnerable Networks: Any voice call or text message sent through a standard telecom network must now be assumed vulnerable.
- Metadata Harvesting: Attackers are no longer just collecting data after breaches; they are collecting metadata in real-time.
- Intelligence Gathering: Patterns of who contacts whom, when, and how often can reveal national-security-level intelligence, even without the attackers accessing the message content.
This represents espionage at an industrial scale. Furthermore, criminals have adopted similar tools. In Southeast Asia, gangs have been caught using cheap cell-tower spoofing devices to harvest mobile identities from passing devices. Tools that cost millions a decade ago now cost hundreds, multiplying the attack surface for critical infrastructure leaders.
The Deception Layer: When Deepfakes Speak
If real-time metadata collection constitutes the surveillance layer of modern warfare, deepfake communications represent the deception layer. Using just a few seconds of audio lifted from social media, attackers can now generate voice clips that sound exactly like a targeted individual.
By leveraging real-time metadata to understand a target's schedule and contacts, attackers can deliver these fakes at precisely the right moment. The AI-generated audio mimics writing style, speaking rhythms, and emotional tone.
It is easy to see how this becomes a weapon against operational continuity:
- A CEO calls their finance chief demanding an urgent transfer.
- A general issues orders for troop movements during a crisis.
- A government minister messages foreign counterparts with inflammatory statements.
These are not hypothetical scenarios. High-profile identity fakes have already occurred on consumer messaging platforms. While these consumer-grade messaging apps offer encryption, they lack robust identity verification. They cannot stop this kind of impersonation because they were designed for convenience, not for the high-stakes requirements of secure voice and text for government.
The Telecom Paradox: Reachability vs. Security
Telecom networks are designed around a single priority: reachability. The goal is for any device to be able to ping any other device, anywhere in the world, instantly. Security was never the core design goal of the global signaling system.
This architecture creates dangerous opportunities. Some operators route calls through third-party carriers who siphon off voice and message data, effectively offering "interception-as-a-service."
The problem extends to cloud infrastructure. Major breaches have exposed years of global customer records and phone numbers. Once a phone number is linked to an identity, that linkage often lasts for decades. Few people change their numbers, which means leaked metadata today will likely still be useful to attackers in 2035.
The Risks of Consumer Apps in Government
Government agencies often turn to consumer-grade messaging apps because they are easy to use and encrypted. However, that convenience comes at a significant cost to security posture:
- No Central Identity Validation: Anyone can register a number.
- No Data Sovereignty: Governments have no control over where data is stored or processed.
- Compliance Gaps: There is no reliable record-keeping for auditability.
- Vulnerability to Hijacking: There are limited means to prevent account takeovers or AI-driven impersonation.
Encryption alone is no longer enough. True security requires identity validation, data governance, records management, and custodianship of the entire communication system, not just the message contents.
The Path Forward: Regaining Sovereignty
Communications have become one of the highest-risk domains in national security. Real-time metadata harvesting, telecom exploitation, deepfake voice attacks, and identity hijacking are everyday threats that demand a strategic response.
Governments and critical infrastructure operators must recognize that the frontline has moved beyond network perimeters to every call, message, and identity assumed to be genuine. Unless nations regain control of their communications, they remain exposed.
Some countries are already prioritizing data sovereignty and rebuilding trust in their communications stack. BlackBerry supports many of the G7 and G20 governments by providing:
- Trusted, Validated Identities: Ensuring the person on the other end is who they claim to be.
- Controlled Data Flows: Keeping sensitive data within sovereign borders.
- Sovereign Infrastructure: Removing reliance on commercial networks for critical exchanges.
- Secure Mobile Platforms: Delivering a user experience that ensures communication tools are actually used.
Conclusion
This urgency extends beyond government agencies. Energy grids, water systems, and transport networks must all treat communications resilience as a core operational priority.
In one recent example, Mike Burgess, Director-General of Australia’s Security Intelligence Organisation (ASIO), recently warned of real risks regarding high-impact sabotage, citing active attempts to penetrate its national critical infrastructure. Any weakness in communication channels can trigger disruption, with consequences stretching from economic loss to public safety risks.
For governments and leaders of these essential systems, protecting communication integrity is no longer just an IT objective – it is mission-critical. As espionage tactics continue to escalate and evolve, the imperative now is to act before the next crisis hits.
