WASHINGTON (AP) —
Cybersecurity investigators noticed a highly unusual software crash — it was affecting a small number of smartphones belonging to people who worked in government, politics, tech and journalism.
The crashes, which began late last year and carried into 2025, were the tipoff to a sophisticated cyberattack that may have allowed hackers to infiltrate a phone without a single click from the user.
The attackers left no clues about their identities, but investigators at the cybersecurity firm iVerify noticed that the victims all had something in common: They worked in fields of interest to China's government and had been targeted by Chinese hackers in the past.
Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses. Groups linked to China's military and intelligence service have targeted the smartphones of prominent Americans and burrowed deep into telecommunication networks, according to national security and tech experts.
It shows how vulnerable mobile devices and apps are and the risk that security failures could expose sensitive information or leave American interests open to cyberattack, those experts say.
“The world is in a mobile security crisis right now,” said Rocky Cole, a former cybersecurity expert at the National Security Agency and Google and now chief operations officer at iVerify. “No one is watching the phones.”
U.S. authorities warned in December of a sprawling Chinese hacking campaign designed to gain access to the texts and phone conversations of an unknown number of Americans.
“They were able to listen in on phone calls in real time and able to read text messages,” said Rep. Raja Krishnamoorthi of Illinois. He is a member of the House Intelligence Committee and the senior Democrat on the Committee on the Chinese Communist Party, created to study the geopolitical threat from China.
Chinese hackers also sought access to phones used by Donald Trump and running mate JD Vance during the 2024 campaign.
The Chinese government has denied allegations of cyberespionage, and accused the U.S. of mounting its own cyberoperations. It says America cites national security as an excuse to issue sanctions against Chinese organizations and keep Chinese technology companies from the global market.
“The U.S. has long been using all kinds of despicable methods to steal other countries’ secrets,” Lin Jian, a spokesman for China’s foreign ministry, said at a recent press conference in response to questions about a CIA push to recruit Chinese informants.
U.S. intelligence officials have said China poses a significant, persistent threat to U.S. economic and political interests, and it has harnessed the tools of digital conflict: online propaganda and disinformation, artificial intelligence and cyber surveillance and espionage designed to deliver a significant advantage in any military conflict.
Mobile networks are a top concern. The U.S. and many of its closest allies have banned Chinese telecom companies from their networks. Other countries, including Germany, are phasing out Chinese involvement because of security concerns. But Chinese tech firms remain a big part of the systems in many nations, giving state-controlled companies a global footprint they could exploit for cyberattacks, experts say.
Chinese telecom firms still maintain some routing and cloud storage systems in the U.S. — a growing concern to lawmakers.
“The American people deserve to know if Beijing is quietly using state-owned firms to infiltrate our critical infrastructure,” U.S. Rep. John Moolenaar, R-Mich. and chairman of the China committee, which in April issued subpoenas to Chinese telecom companies seeking information about their U.S. operations.
Mobile devices can buy stocks, launch drones and run power plants. Their proliferation has often outpaced their security.
The phones of top government officials are especially valuable, containing sensitive government information, passwords and an insider's glimpse into policy discussions and decision-making.
The White House said last week that someone impersonating Susie Wiles, Trump’s chief of staff, reached out to governors, senators and business leaders with texts and phone calls.
It’s unclear how the person obtained Wiles’ connections, but they apparently gained access to the contacts in her personal cellphone, The Wall Street Journal reported. The messages and calls were not coming from Wiles’ number, the newspaper reported.
While most smartphones and tablets come with robust security, apps and connected devices often lack these protections or the regular software updates needed to stay ahead of new threats. That makes every fitness tracker, baby monitor or smart appliance another potential foothold for hackers looking to penetrate networks, retrieve information or infect systems with malware.
Federal officials launched a program this year creating a “cyber trust mark” for connected devices that meet federal security standards. But consumers and officials shouldn’t lower their guard, said Snehal Antani, former chief technology officer for the Pentagon’s Joint Special Operations Command.
“They’re finding backdoors in Barbie dolls,” said Antani, now CEO of Horizon3.ai, a cybersecurity firm, referring to concerns from researchers who successfully hacked the microphone of a digitally connected version of the toy.
It doesn't matter how secure a mobile device is if the user doesn't follow basic security precautions, especially if their device contains classified or sensitive information, experts say.
Mike Waltz, who departed as Trump's national security adviser, inadvertently added The Atlantic's editor-in-chief to a Signal chat used to discuss military plans with other top officials.
Secretary of Defense Pete Hegseth had an internet connection that bypassed the Pentagon’s security protocols set up in his office so he could use the Signal messaging app on a personal computer, the AP has reported.
Hegseth has rejected assertions that he shared classified information on Signal, a popular encrypted messaging app not approved for the use of communicating classified information.
China and other nations will try to take advantage of such lapses, and national security officials must take steps to prevent them from recurring, said Michael Williams, a national security expert at Syracuse University.
“They all have access to a variety of secure communications platforms,” Williams said. "We just can't share things willy-nilly.”
FILE - Attendees walk past an electronic display showing recent cyberattacks in China at the China Internet Security Conference in Beijing, on Sept. 12, 2017. (AP Photo/Mark Schiefelbein, File)
FILE - A child holds an iPhone at an Apple store on Sept. 25, 2015 in Chicago. (AP Photo/Kiichiro Sato, File)
PROVIDENCE, R.I. (AP) — The ongoing effort to find a man who walked onto Brown University ’s campus during a busy exam season and shot nearly a dozen students in a crowded lecture hall has raised questions about the school's security systems and the urgency of the investigation itself.
A day after Saturday's mass shooting, officials said a person of interest taken into custody would be released without charges, leaving investigators with little actionable insight from the limited security video they had recovered and scrambling to develop new leads.
Law enforcement officials were still doing the most basic investigative work days after the shooting that killed two students and wounded nine, canvassing local residences and businesses for security camera footage and looking for physical evidence. That's left students and some Providence residents frustrated at gaps in the university’s security and camera systems that helped allow the shooter to disappear.
“The fact that we’re in such a surveillance state but that wasn’t used correctly at all is just so deeply frustrating,” said Li Ding, a student at the nearby Rhode Island School of Design who dances on a Brown University team.
Ding is among hundreds of students who have signed a petition to increase security at school buildings, saying that officials need to do a better job keeping the campus secure against threats like active shooters.
“I think honestly, the students are doing a more effective job at taking care of each other than the police,” Ding said.
Kristy dosReis, chief public information officer for the Providence Police Department, said that at no point did the investigation stand down even after officials appeared to have a breakthrough in the case, detaining a Wisconsin man who they now believe was not involved.
“The investigation continued as the scenes were still active. Nothing was cleared,” said dosReis.
The FBI put out a video timeline Tuesday that includes new footage of the second man of interest from before the attack. It shows him along quiet residential streets near campus. Authorities believe he was casing the area, Col. Oscar Perez, the Providence police chief, said. Police and the FBI had released video and photographs of the man, who wore a mask in the footage captured before and after the attack.
FBI Boston Special Agent in Charge Ted Docks said a $50,000 reward was being offered for information that would lead to the identification, arrest and conviction of the shooter.
Docks described the investigation, including documenting the trajectory of bullets at the shooting scene, as “painstaking work.”
“We are asking the public to be patient as we continue to run down every lead so we can give victims, survivors, their families and all of you the answers you deserve,” Docks told reporters.
While Brown University is dotted with cameras, there were few in the Barus and Holley building, home of the engineering school that was targeted.
“Reality is, it’s an old building attached to a new one,” Rhode Island Attorney General Peter Neronha told reporters about the lack of cameras nearby.
The Brown University president said Tuesday the campus is equipped with 1,200 cameras.
But the lack of campus footage of a suspect in the attack left police seeking tips from the public.
Katherine Baima said U.S. marshals came to her door on Monday, seeking footage from a security camera pointing toward the street.
“This is the first time any of us in my building, as far as I know, had heard from anyone,” Baima said.
Students said the school’s emergency alert system kept them relatively well-informed about the presence of an active shooter. But they were uncertain what to do during a prolonged campus lockdown.
Chiang-Heng Chien, a 32-year-old doctoral student in engineering, hid under desks and turned off the lights after receiving an alert about the shooting at 4:22 p.m. Saturday in a campus lab.
“While I was hiding in the lab, I heard the police yelling outside but my friends and I were debating whether we should open the door, since at that moment the shooter was believed to be (nearby),” he said in a text.
Law enforcement experts say colleges are often at a disadvantage when responding to threats like an active shooter. Their security officers are typically less trained and paid less than in other law enforcement departments. They also don’t always have close partnerships with better-resourced agencies.
Often, funding for campus police departments is not a top priority, even for schools with ample resources, said Terrance Gainer, a former Illinois law enforcement official who later served as the U.S. Senate’s sergeant-at-arms.
“They just aren’t as flush in law enforcement as you would think. They don’t like a lot of uniformed presence, they don’t like a lot of guns around,” said Gainer, who is now a consultant. “Whether it’s Brown or someone else, a key question is, what type of relationship do they have with the local police department?”
At Utah Valley University, where conservative leader Charlie Kirk was assassinated by a shooter on a school building roof last summer, the undersized campus police department never asked neighboring agencies to assist with security at the outdoor Kirk event that attracted thousands, an Associated Press review found.
Providence has an emergency alert system, but it switched from a mobile app to a web-based system in March. The new system requires someone to register online to receive alerts — something not all residents knew.
Emely Vallee, 35, lives about a mile (1.6 kilometers) from Brown with her two young children. She said she received “absolutely nothing” in alerts. She relied instead on texts from friends and the news.
Vallee had expected to be notified through the city’s 311 app, but hadn’t realized that Mayor Brett Smiley phased out the app in March. Smiley said his administration sent out multiple alerts the day of the shooting using the new 311 system and has continued to send them.
Hailey Souza, 23, finished her shift at a smoothie shop just off-campus minutes before the shooting. Everything seemed normal and quiet, Souza said.
But driving home, she saw a boy bleeding on the sidewalk. “Then everyone started running and screaming,” she said. Souza said she saw a bystander rip off his T-shirt to help.
The shop Souza manages, In The Pink, is a block from the engineering building. One of the shooting victims, Ella Cook, was a regular at the store, Souza said. Cook had come in a few days earlier and said her last final was Saturday.
Souza later learned that police came by the store to tell her co-workers about an active shooter. But Souza never received an emergency alert. “Nothing,” she said.
Wieffering, Tau and Slodysko reported from Washington. Associated Press writers Kimberlee Kruesi and Matt O’Brien in Providence and Michael Casey in Boston contributed to this report.
Visitors pause at a makeshift memorial for the victims of Saturday's shooting, at the Van Wickle Gate at Brown University, Monday, Dec. 15, 2025, in Providence, R.I.(AP Photo/Robert F. Bukaty)
Members of the FBI Evidence Response Team search for evidence near the campus of Brown University, Monday, Dec. 15, 2025, in Providence, R.I. (AP Photo/Robert F. Bukaty)
A member of the FBI Evidence Response Team searches for evidence near an ivy-covered wall following the shooting at Brown University, Monday, Dec. 15, 2025, in Providence, R.I. (AP Photo/Robert F. Bukaty)
Visitors pause at a makeshift memorial for the victims of Saturday's shooting, at the Van Wickle Gate at Brown University, Monday, Dec. 15, 2025, in Providence, R.I.(AP Photo/Robert F. Bukaty)
Pedestrians ask FBI agents, on the sidewalk on Cooke St. for updates, in Providence, R.I., two days after a shooting occurred on Brown University's campus, Monday, Dec. 15, 2025. (Lily Speredelozzi/The Sun Chronicle via AP)
Members of the FBI Evidence Response Team search for evidence near the campus of Brown University, Monday, Dec. 15, 2025, in Providence, R.I. (AP Photo/Robert F. Bukaty)
Community flowers, notes and mementos are placed in a makeshift memorial display in front of Brown University's Van Wickle gates, in Providence, R.I., two days after a shooting took place on Brown University's campus, Monday, Dec. 15, 2025. (Lily Speredelozzi/The Sun Chronicle via AP)
A community member looks at flowers, notes and mementos in a makeshift memorial display sitting in front of Brown University's Van Wickle gates, in Providence, R.I., two days after a shooting took place on the university's campus, Monday, Dec. 15, 2025. (Lily Speredelozzi/The Sun Chronicle via AP)
