A senior national security adviser in the Biden Administration has warned that a Chinese state-sponsored hacking group has breached telecommunications firms in “dozens of countries”.
Anne Neuberger, President Biden’s deputy national security adviser, said the campaign attributed to the threat actor known as Salt Typhoon is ongoing, and has breached at least eight US telcos, according to reporting in the Wall Street Journal.
“The Chinese compromised private companies exploiting vulnerabilities in their systems as part of a global Chinese campaign that’s affected dozens of countries around the world,” Neuberger said.
The WSJ cited an unnamed senior administration official, who added that a large number of Americans had their mobile phone metadata accessed during the intrusions.
The official clarified that the administration did not believe all Americans had their call information exposed, however, noting the stolen metadata was centered around specific regions.
This information is believed to have been used to identify devices used by senior government officials, the source told the WSJ, adding that the attacks may have potentially accessed the information systems used by the federal government for court-authorized network wiretapping requests.
The campaign has likely been underway for one to two years, Neuberger stated, but said the US government did not currently believe any classified information had been compromised.
Hackers may still be lurking on networks – US agencies recommend encrypted messaging apps
Neuberger’s statement came shortly after the FBI and CISA issued a joint statement advising on 3 December urging US citizens to use encrypted messaging platforms to protect themselves from potential hackers lurking on the networks.
Jeff Greene, executive assistant director for cybersecurity at CISA and an unnamed senior FBI official said using encrypted messaging apps would minimize their chances of having communications intercepted, recommending using encrypted voice communication if possible too.
“People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant” email, social media, and productivity tools, the FBI official said.
Trend Micro threat intelligence documenting the previous activity of Salt Typhoon suggests the group has been actively targeting critical national infrastructure and telecommunications companies since 2023.
The campaign has previously infiltrated networks of major telecommunications companies including Verizon, AT&T, and Lumen Technologies, according to an October report from the WSJ.
Jeff Simon, chief security officer at T-Mobile, issued a statement on 27 November stating that although its security teams had detected an attack after noticing suspicious network activity, no customer information was at risk.
Tim Perry, head of strategy at Prepared, and former deputy homeland security advisor for Cal OES, said the campaign is a stark reminder of the resources and capabilities of foreign state actors.
“These hacks are a reminder that our domestic communications infrastructure is critical to our national security. Foreign state actors have the resources and the motivation to exploit our network vulnerabilities, quietly infiltrate our communications networks and collect our most sensitive data,” he explained.
“That’s why local, state and federal law enforcement agencies – whether they are running wiretaps, supporting law enforcement sensitive operational communications or just administering their local 911 system – must remain up to date on the latest cyber threats.”
Source link
-
-
-
-
-
-
-
-
