The U.S. Secret Service said it has dismantled a massive telecommunications threat in the New York tri-state area that could have shut down cellular networks and disrupted critical communications during the United Nations General Assembly.
The discovery followed an investigation launched earlier this year after senior U.S. officials were targeted by “imminent” telecommunications-related threats. According to Special Agent in Charge Matt McCool of the Secret Service’s New York field office, the scale and timing of the operation prompted an unusual public announcement.
“Following multiple telecommunications-related imminent threats directed towards senior U.S. government officials this spring, the U.S. Secret Service began a protective intelligence investigation to determine the extent and impact these threats could have on protective operations,” McCool said in a statement. “This was a difficult and complex effort to identify the source of these fraudulent calls and the impact on the Secret Service protective mission.”
Investigators uncovered tens of thousands of collocated and networked cellular devices across the New York area, which McCool described as capable of carrying out “nefarious telecommunications attacks.” These devices, concentrated within 35 miles of the United Nations headquarters, were configured to enable encrypted and anonymous communications between criminal groups and potential foreign threat actors.
“This network had the potential to disable cell phone towers and essentially shut down the cellular network in New York City,” McCool said. “Given the timing, location, and proximity and potential for significant disruptions to the New York Telecom system, we moved quickly to disrupt this network.”
A Threat at the Heart of Global Diplomacy
The General Assembly, one of the most high-profile diplomatic gatherings in the world, is currently underway in Manhattan, drawing heads of state, senior officials, and thousands of delegates. The Secret Service, which has a protective mandate covering U.S. leaders and visiting dignitaries, coordinated with Homeland Security Investigations, the Department of Justice, the Office of the Director of National Intelligence, and the NYPD to neutralize the threat.
McCool stressed that the devices are no longer a danger to the region. “To be clear, these recovered devices no longer pose a threat to the New York tri-state area,” he said. However, he noted that the investigation is far from over. Forensic examinations are now underway on data equivalent to that of 100,000 cell phones, an unprecedented haul that could reveal connections between foreign actors and individuals already known to law enforcement.
“Early analysis indicates cellular communications between foreign actors and individuals that are known to federal law enforcement,” McCool said. “Given the sensitivity and complexity of this investigation, we are not able to go into specifics at this time. This is an open and active investigation and we have no arrest to announce today.”
Technical Risks
Experts noted that the incident bore similarities to other forms of telecom exploitation. Criminals and state-linked actors have long abused vulnerabilities in mobile networks through techniques such as:
-
SIM-boxing, in which bulk devices reroute international calls through local numbers to avoid carrier fees — a practice often tied to organized crime.
-
IMSI catchers or fake base stations, which mimic legitimate cell towers to intercept communications, track devices, or deliver malicious payloads.
-
Botnet-driven DDoS attacks targeting telecom operators, capable of overwhelming infrastructure and knocking services offline.
The New York operation, however, stood out in scale. The presence of tens of thousands of interconnected cellular devices suggested a system designed not only for fraud or interception but also for the potential mass disruption of communications infrastructure. Targeting the cellular backbone at such a critical time — with global leaders convened at the UN — could have crippled emergency services, diplomatic coordination, and financial transactions in the city.
An Unresolved Puzzle
The Secret Service has not confirmed whether the intent was specifically to disrupt the UN General Assembly, but McCool acknowledged that possibility is under review. “We will continue working towards identifying those responsible in their intent, including whether their plan was to disrupt the UN General Assembly and communications of government and emergency personnel during the official visit of world leaders,” he said.
McCool said the announcement was made in the interest of transparency and public safety, even as the agency holds back operational details. “This announcement is designed to safeguard critical infrastructure and responsibly provide the public what we can at this time,” he said. “The Secret Service will continue to run down all leads until we fully understand the intent of the operation and identify those responsible.”
The investigation remains ongoing, with forensic teams continuing to parse through mountains of intercepted data. Officials said more details could be shared once the analysis is complete and suspects are identified.
