The discovery of a vast telecommunications network that authorities say was capable of wiping out cellular communications in the nation's largest city is just the latest in a steady series of high-profile plots targeting critical infrastructure.
With the right amount of resources, bad actors can shut down anything from hospitals to gas pipelines, said Kevin Butler, director of the Florida Institute for Cybersecurity Research.
"What we're really seeing is how cyberattacks can be targeting various aspects of critical infrastructure and in very meaningful ways," Butler said. "Even things like our water infrastructure or the electric grid."
What happened in New York City?
Investigators found more than 300 co-located SIM servers and 100,000 SIM cards in the New York tri-state area. The Secret Service said it moved quickly to dismantle the network given its proximity to a meeting of the U.N. General Assembly.
The devices allowed for anonymous, encrypted communication, which enabled criminal organizations to operate undetected, according to Matt McCool, special agent in charge of the Secret Service field office in New York. McCool said the network could have been used to disable cell phone towers, disrupt emergency communications and shut down the city's cellular networks.
It was not yet clear who was behind the plot in New York or what their intentions were, but Butler said the level of sophistication indicates the perpetrators probably belong to a highly organized group, like a foreign government or nonstate actor.
And though attacks against telecom providers are not unusual, this kind of brute-force method is almost unheard of, said Butler, a professor of computer and information science and engineering at the University of Florida. Though fraudsters sometimes amass SIM cards to execute scams, Butler said, those operations typically involved "a couple thousand at most."
"My initial reaction is this is a very large-scale attack," Butler said. "I've never heard of somebody putting 100,000 SIM cards together in such a coordinated way."
Attacks target wide range of critical infrastructure
The discovery in New York comes just months after a high-profile attack on U.S. telecom providers that was part of a massive Chinese hacking and spying campaign. At least nine telecoms, including Verizon and AT&T, were believed to be targeted by a group of Chinese hackers in a campaign nicknamed "Salt Typhoon." Officials suspect the people behind the attack were looking to understand how the companies cooperate with authorities to track criminals.
Beefing up security in the wake of such events has become a high priority for academics, companies and the government, but Butler said the telecommunications network is so complicated it's difficult to protect. "It's quite a marvelous system, but there's a lot of complexity to it, which means that there are opportunities for attack."
And telecommunications are not the only target. Plots have targeted other forms of crucial infrastructure around the world in recent years:
- Several of Europe's biggest airports were facing disruptions after a ransomware attack affected automated check-in systems provided by Collins Aerospace, the EU's cybersecurity agency said on Sept. 23, highlighting the growing risks of such attacks to critical infrastructure and industries.
- In July, the city of St. Paul was forced to shut down its IT systems and declare a state of emergency after it was targeted by a cyberattack. "This was not a system glitch or technical error. This was a deliberate, coordinated digital attack carried out by a sophisticated external actor intentionally and criminally targeting our city’s information infrastructure," Mayor Melvin Carter said at a news conference July 29.
- In 2024, hackers hit American Water Works Co. Water delivery systems weren't affected, but the utility was forced to pause billing for millions of customers and drew a warning from the Environmental Protection Agency.
- Russian hackers crippled the Colonial Gas Pipeline for five days in 2021, causing shortages at 16,200 gas stations along the East Coast and widespread consumer anxiety before the company paid a $5 million ransom to regain access to its computers.
Contributing: Jeanine Santucci; Reuters
This article originally appeared on USA TODAY: A plot could have caused cell phone chaos. It's part of a troubling trend.
Reporting by N'dea Yancey-Bragg, Will Carless and Michael Loria, USA TODAY
USA TODAY Network via Reuters Connect