Bussiness
‘Terrifying’ Chinese hacking campaign sees large numbers of Americans’ data stolen, US officials say
A large number of Americans’ data has been stolen in a telecoms attack allegedly carried out by a Chinese hacking group dubbed “Salt Typhoon,” a senior US official has said.
US government agencies held a classified briefing for all senators on Wednesday to discuss China’s efforts to steal data from American telecommunications companies.
Hackers compromised eight telecommunications companies and stole customer call records and communication, according to a joint statement released by the FBI and US cyber watchdog agency CISA.
A White House official said “a large number of Americans’ metadata was taken,” speaking on condition that their name be withheld.
Pushed on whether or not it was everyone’s mobile phone in the country, the official said: “We do not believe it’s every cell phone in the country, but we believe it’s potentially a large number of individuals that the Chinese government was focused on”.
Senator Richard Blumenthal, who was in the classified briefing held this week, said the scale of the hacks was “terrifying”.
“The extent and depth and breadth of Chinese hacking is absolutely mind-boggling,” he said.
Loading…
Worst telecoms hack in US history
Senator Mark Warner, chairman of the Senate Intelligence Committee, said this was the “worst telecom hack in our nation’s history — by far”.
The White House has confirmed at least eight US telecom firms as well as dozens of nations have been impacted by this attack.
According to the FBI, the hackers used their access to telecom networks to target the metadata of a large number of customers, including information on the dates, times and recipients of calls and texts.
The hackers also succeeded in retrieving the actual audio files of calls and content from texts from a much smaller number of victims, the FBI has said.
Deputy National Security Adviser Anne Neuberger added that the smaller list of victims who had their audio files hacked included some senior US government officials and prominent political figures.
It was also reported that Chinese hackers targeted telephones belonging to then-presidential and vice-presidential candidates Donald Trump and JD Vance.
Ms Neuberger said President Joe Biden has been briefed on the findings and that the White House “has made it a priority for the federal government to do everything it can to get to the bottom of this”.
What has China said?
Beijing has repeatedly denied claims by the US government and others that it has used hackers to break into foreign computer systems.
“For quite some time, the US side has been floating all sorts of disinformation about threats of ‘Chinese hackers’ to serve its own geopolitical purposes,” Liu Pengyu, spokesperson for China’s embassy in Washington, said.
“China firmly opposes and combats all kinds of cyber attacks.”
The Chinese embassy in Washington rejected the accusations that it was responsible for the Salt Typhoon hack as well.
“US needs to stop its own cyber attacks against other countries and refrain from using cybersecurity to smear and slander China,” a spokesperson said.
The embassy did not immediately comment following the classified briefing on Wednesday.
FBI tells telcos to boost security
Federal authorities have urged telecommunication companies to boost network security following the alleged Chinese hacking campaign.
In a document issued to US telcos, the FBI gave advice on strengthening visibility, hardening software and incident reporting.
The guidance issued by the FBI and the Cybersecurity and Infrastructure Security Agency is intended to help root out the hackers and prevent similar cyber espionage in the future.
For government officials and politicians affected by the hack, the FBI has been in contact directly with them, it said.
However, officials said it was up to telecom companies to notify customers who were a part of the larger group of individuals whose data was stolen.
FBI officials said the US still did not know the true scope of China’s attack or the extent to which Chinese hackers still had access to US networks.
What happens next?
The US government confirmed that impacted companies were all responding to the attacks, but none “had fully removed the Chinese actors from these networks.”
“So there is a risk of ongoing compromises to communications — until US companies address the cybersecurity gaps, the Chinese are likely to maintain their access,” Deputy National Security Adviser Anne Neuberger said.
Ms Neuberger pointed to efforts made to beef up cybersecurity in the rail, aviation, energy and other sectors.
“To prevent ongoing Salt Typhoon-type intrusions by China, we believe we need to apply a similar minimum cybersecurity practice,” she said.
On December 11, a Senate Commerce subcommittee will hold a hearing on Salt Typhoon and how security threats pose risks to US communications networks, and review best practices.
ABC/Wires