Hackers affiliated with the Chinese government have compromised the networks of multiple U.S. telecommunication companies to obtain call records and gain access to a limited number of individuals’ private communications, U.S. agencies warned in November. Now, federal officials are urging telecommunication companies to boost network security and recommending that Americans turn to encrypted communications to keep their interactions safe.
The alleged Chinese cyberespionage efforts, collectively dubbed Salt Typhoon, affected AT&T, Verizon, and T-Mobile networks, among others. The true scope of the attack and the extent to which the hackers still have access to U.S. networks remain unknown.
The malicious actors generally obtained three types of information: call records or metadata; live phone calls of some specific targets; and systems that telecoms use to let law enforcement and intelligence agencies with court orders track people’s communications. The FBI declined to say if any classified material was accessed.
People’s Republic of China (PRC) officials have denied the allegations and described them as disinformation.
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), FBI, and international partners published a joint guide yesterday to provide best practices to protect against PRC-affiliated threats. The practices include increased monitoring, boosted network management capabilities, and system and device hardening.
More Info