Using a ploy as old at the days of Troy, when the Greeks gifted the people of Troy with a magnificent hollow wooden horse in which Greek soldiers were hidden, an adversary of the U.S. is employing a modern-day slant to the infamous “Trojan Horse”. Both the United States Army and Navy are advising all U.S. military personnel that unsolicited smartwatches are being sent to personnel and that these devices contain malware targeting the information on servicemember’s devices.
Warning to service members
The U.S. Army Criminal Investigation Division warned personnel via a flyer earlier this month of the counterintelligence threat posed by the devices. The counterintelligence warning from the CID warns “Do NOT turn device on” as the “smartwatches, when used, have auto connected to Wi-Fi and began connecting to cell phones unprompted, gaining access to a myriad of user data.” The notice says the malware grants “access to banking information, contacts and account information (usernames and passwords).” Additionally, the “malware accesses both voice and cameras, enabling actors access to conversations and accounts tied to the smartwatches.”
The brands currently making the rounds to targeted service personnel are identified as:
- Smart band Men Women Smart Bracelet LED D18 Smartwatch Waterproof Smart Touch; and
- D18 Smart Watch for Men and Women Blood Pressure Waterproof Smartwatch Heart
CNN reports that personnel from the U.S. Navy have also received these watches. Speaking to CNN, NCIS spokesperson Jeff Houston commented, “Smartwatches, like any wearable device, can be used by adversaries to gain a wide collection of personal information and pose a security threat to U.S. Navy and U.S. Marine Corps service members.”
Trojan Horse Smartwatches – could it be China?
While the point of origin has not been revealed, a quick internet search shows the models are widely available across online markets, to include China’s AliExpress which sells the item wholesale for $.95/each.
In a JSTOR article from 2011, “China’s Cyber Warfare Capabilities” the authors speak to the Chinese government’s use of “Trojan Horse” programs to target the Dalai Lama’s network. In the same piece China is identified as having planted “Trojan Horse” software on hard drives which when used would automatically send the information to China.
More recently, the United Kingdom discovered that their ministers of parliament were targeted by China when SIM cards used in government vehicles contained a tracking device.
Perhaps the most audacious “Trojan Horse” perpetuated by China was the wholesale fleecing of the African Union Headquarters, when in 2018 the AU’s information technology team discovered that at 0200 hours every morning the data from the AU headquarters (which was built and gifted to the AU by China) would be sent to Shanghai. Subsequent investigation showed the daily data transfer had been ongoing for approximately five years.
What to do if you receive a present?
Should you receive an unsolicited and unexpected item in the mail, follow the advice of the CID and do not turn the device on, and report it to your counterintelligence point person and/or your facility security officer.
There is no such thing as a “free lunch” and in this case the “free smartwatch” is nothing more than a modern day “Trojan Horse.”
It would be wise to remember, China never turns off the engine of their espionage machine.
