A senior Whitehouse security official has confirmed that Chinese hackers were able to record telephone conversations of “very senior” American political figures.
Anne Neuberger, President Biden’s national security advisor for cyber and emerging technology, provided an update to reporters at the Manama Dialogue security conference in Bahrain on the extent of a campaign targeting telcos in the region.
The campaign compromised networks of major telecommunications companies including AT&T, Verizon, and Lumen Technologies.
Neuberger had previously warned that the campaign attributed to Salt Typhoon, which exposed metadata related to a large number of US citizens, was specifically designed to spy on high-ranking American political operators.
Now she has revealed that the group is believed to have recorded a number of phone calls of senior political figures.
“The purpose of the operation was more focused… [w]e believe … the actual number of calls that they took, recorded and took, was really more focused on very senior political individuals,” she clarified, according to reporting in Reuters.
Neuberger did not clarify the identities of those individuals targeted by the group, adding that the administration was still investigating the scope and scale of the campaign.
Spyware a growing concern for telecommunications firms
Commenting on the campaign, Paul Webber, ex-Gartner analyst and director of product management at BlackBerry Cyber, said the incident “provides a stark reminder that telecom networks present a desirable stratum for threat actors.”
“In an era where digital communication is the lifeblood of business and personal interactions, we must remember that public telecom networks are designed for reachability. Security trade-offs leave us inherently vulnerable,” he said.
Webber added that while CISA has issued new guidelines to protect communications networks, a vital part of the US’s critical national infrastructure, the UK’s cyber agency has not given similar advice.
“Despite collaboration from the U.S., Canada, Australia, and New Zealand, equivalent guidance has yet to be issued by UK or EU agencies, leaving many organisations responsible for taking proactive measures to secure communications.”
The Security Landscape 2024 report published by the GSMA, which represents mobile network operators around the world, identified a number of critical areas of concern for the industry.
It warned that virtualized infrastructure, such as virtual machines (VMs)and containers were becoming prime targets for cyber criminals.
The report also noted the growing threat posed by spyware used to steal confidential information from mobile networks, as well as emphasizing attackers’ exploitation of weaknesses in third party providers to gain initial access to network operator’s systems.
Webber outlined a number of measures that could be taken in order to better secure telecommunications networks.
“To protect against telecom espionage, cryptographic authentication is critical to secure communication channels, preventing identity fraud and countering threats like deepfakes which can easily emerge during massive telecom breaches,” he advised.
“A military-grade system is needed to provide end-to-end encryption for voice calls and messages and enable secure communication across international networks. This is vital in critical industries like government, healthcare, and financial services, to protect calls from foreign networks to standard mobile or VoIP phones.”
“Implementing these measures will strengthen the protection of sensitive information and enhance national security against espionage campaigns,” Webber concluded.
Source link
-
-
-
-
-
-
-
-
