China Manufactured Cellular Walkie Talkies Expose American Businesses to Spying and Other Legal Risks

DECEMBER 10, 2024 / NEW YORK / Haloid Solutions, a leading provider of wireless communications equipment, is warning business and government agencies about foreign espionage and business disruption risks from China-manufactured cellular two-way radios. These devices were sold in the United States from “pop up companies” that claimed the devices were secure.

For the past year, we’ve researched and investigated the radio over cellular space, also known as Push-to-Talk Over Cellular, or PoC. We’ve encountered dozens of “pop up” U.S. companies selling China engineered, manufactured, and hosted devices for extremely low prices. The devices are advertised as encrypted and marketed and sold to businesses and government agencies. We estimate millions of these devices are currently in operation.

From our research, we’ve found that many of the marketing claims made by the companies selling these products are misleading or false. For example, one Chinese manufacturer white labels its products under numerous U.S. names, and claims that the servers hosting its radios are on Amazon servers in the U.S. In reality, they are hosted by Alibaba, the Chinese tech conglomerate and are likely vulnerable to Chinese spying by sending back user data to China.

In another example, one consumer-oriented company claimed false partnership affiliations with the U.S. government and Fox News and even asserted its devices could survive a cyberattack whereas other devices could not. According to experts we spoke with, this company is also selling equipment that is not FCC-approved, and is, therefore, illegal to use in the United States.

We must state that while we do not have any evidence that the Chinese government is using these radios for spying, similar to TikTok, the potential exists and the probability is high. From our research, it was easy to spot disinformation and deliberately misleading claims made by the companies selling the radios, in order to gain trust of American users.

Bad actors, including U.S.-based resellers of this equipment, can spy on unsuspecting radio users via multiple methods. They can monitor and record transmissions. They can also collect GPS coordinates to identify or blackmail individuals working in sensitive areas. Moreover, the microphones on these devices can be activated remotely for audio monitoring. And in extreme cases, onboard cameras can provide video and pictures to a remote party.

In addition to spying risks, these devices also put current owners at risk for violating existing federal and state laws. Some of these devices are outlawed under Section 889 of the National Defense Authorization Act, which prohibits certain telecommunications equipment from being used by, or in providing services to, the U.S. government. For healthcare users, HIPAA laws make many of these devices illegal as well.

If you operate a radio that might be vulnerable to Chinese spying, Haloid is providing a complimentary threat questionnaire to send to your radio provider to assist with your threat analysis.

To learn more about Haloid Solutions, visit HaloidSolutions.com.

**UPDATE 12/13:
In response to feedback we received, we thought it would be helpful to provide additional context.

As the article states, we do not have any evidence (nor aware of evidence) that China or any country is spying on PTT over cellular radio users. However, if you understand this space, it certainly seems plausible.

There are many companies in the PTT space that have made misleading security claims and/or disguised the origin of their devices. Some companies are U.S. owned and operated and sell Chinese devices under private labels. These U.S. dealers market the products as if they manufactured them, without ample disclosure to the buyers that the devices are actually engineered, manufactured, and hosted by Chinese companies. In other cases, Chinese companies themselves are selling the products directly to American buyers. But these realities do not prove any government is surreptitiously obtaining the data of U.S. radio-over-cellular users.

However, we should look at the analogous precedents of TikTok and the LGBT dating app, Grindr. In both cases, in order to keep their companies under Chinese ownership, the companies attempted to provide full transparency into data practices. They also promised to keep data within the United States on servers monitored by cyber security auditors. However, despite this oversight, it was decided that these practices were insufficient to protect the data of Americans. Grindr was ultimately sold to a U.S. company and TikTok’s fate is uncertain.

While the cellular radio user base is much smaller than that of TikTok and Grindr, the vulnerabilities are arguably more severe. For one, there is no oversight or government monitoring of these companies, with the possible exception of one manufacturer which is already banned by the U.S. Government under Section 889. This company was engaging in illegal practices prior to 2019 and also had a temporary sales injunction placed against its products in 2024. As for the other players, the opaque nature of Chinese ownership means we have little knowledge as to who owns or controls these companies.

In comparison to SmartPhone apps, there are no privacy settings on cellular radio devices. So whomever hosts the devices, can likely access their microphones and cameras remotely. And finally, since these devices were sold to businesses and public safety users, cyber security issues are arguably more disruptive than pet videos and dating profiles.

Since the radio-over-cellular space is largely unregulated, we believe there is a security vulnerability that the industry and current users do not yet comprehend. But today, some U.S. equipment owners have failed to recognize the current legal risks for failing to verify the security and origin of their devices.

For example, security companies that provide services to hospitals, might expose their clients to HIPPA violations. Or, if they provide services to the U.S. Government, they might be violating Section 889 law. Verifying the security and origin of devices used to provide services to clients is usually baked into agreements. Thus, the decision to not conduct a thorough security audit can cost a company a major contract – as well legal and reputation risk.

In many industries, companies conduct third-party vendor (TPV) security audits to mitigate liability. For example, we’ve seen banks send risk consultants to debt collectors to make sure something as simple as the lock on the IT room security door is always kept in the locked position. But sadly, these security practices are not common in the radio industry.

Cyber defense and security in the LMR and PoC space is inferior to that of other industries, largely because the financial consequences are considered to be less impactful. On a broader level, industry stakeholders must recognize this deficiency and build awareness. As radios become more complex and interconnected, it’s imperative that security is given more attention.

Future generations of radios will be combined with PDA-type computers, cameras, and cellular technology. They may look more like smartphones than radios. Ensuring the security of each function, and their connected systems, will only become more complex and difficult to manage. Cyber defense strategies, both basic and advanced, must be considered.

We encourage you to examine the risks associated with your communications equipment. If you use cellular radios for sensitive 2-way communications, and have concerns about privacy, we suggest you download our complimentary threat questionnaire and share it with an IT security professional. Our questionnaire is a no-cost aid to assist them in their analysis. There are also many third-party supply chain auditors that can assist you as well.