At least 8 US companies hit in telecom attack spree, officials say

Salt Typhoon has compromised at least eight telecommunications providers or telecom infrastructure companies in the U.S., though there could be more, Anne Neuberger, deputy national security advisor for cyber and emerging technology, said Wednesday during a media briefing.

The campaign to intrude telecom companies, affiliated with China’s government, has been underway for between one to two years and has affected a few dozen countries thus far, a senior administration official said.

Telecom networks are a high-priority target, “one that’s in the bull’s-eye of nation-state programs,” a senior administration official said. “We believe this one is for espionage, but potentially for disruption at a time of crisis or conflict as well.” 

White House officials held the media briefing a day after the FBI and Cybersecurity and Infrastructure Security Agency confirmed Salt Typhoon stole a large amount of records, including metadata, from telecom providers. 

The threat group gained broad access to communications of everyday Americans and also targeted prominent individuals.

“Communications of U.S. government officials ride on these private sector systems, which is why the Chinese were able to access the communications of some senior U.S. government and political officials,”  Neuberger said. “At this time, we don’t believe any classified communications has been compromised.”  

Officials believe that the threat actors still have access to the networks, “so there is a risk of ongoing compromises to communications,” Neuberger said. “Until U.S. companies address the cybersecurity gaps, the Chinese are likely to maintain their access.”

White House officials called on regulatory agencies and lawmakers to require minimum cybersecurity practices at telecom providers, including secure configurations, and architecture for strong key management and monitoring for anomalous behavior on their networks.

“We believe these intrusions were sponsored by the Chinese government,” a senior administration official said. “China has efforts against multiple critical infrastructure sectors. This particular set of techniques, this particular effort and set of actors, we believe, is focused on the telecom sector.”