The CISA and FBI have issued an advisory detailing a sophisticated cyberespionage campaign by state-sponsored Chinese hackers that has successfully infiltrated US telecommunications networks.
The US government has exposed a large-scale cyberespionage campaign launched by Chinese state-sponsored hackers. This campaign is mainly targeting critical telecommunications infrastructure in the United States and has resulted in the theft of sensitive data, including call records and private communications of individuals involved in government and political activities.
It is worth noting that this security advisory follows just a month after China’s Salt Typhoon group was accused of hacking AT&T and Verizon, allegedly accessing sensitive wiretap data.
According to the advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), Chinese state-sponsored actors have successfully compromised the networks of multiple telecommunications providers.
“Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders.”
CISA – FBI
One of the most concerning aspects is the possible impact of this attack on US national security. By targeting telecommunications providers, hackers can gain a trove of sensitive information, including communications between government officials, military personnel, and other high-value targets. The compromised data could be used for intelligence gathering, blackmail, or other malicious purposes.
The advisory states that the US government has taken steps to mitigate the threat posed by this cyberespionage campaign. CISA and the FBI are working closely with affected telecommunications providers to identify and address vulnerabilities. Additionally, the US government is urging individuals and organizations to take steps to protect themselves from cyber threats.
The China Threat
While the United States is known for targeting Chinese infrastructure, China has also emerged as a persistent threat to US critical infrastructure, with state-sponsored hacking groups repeatedly targeting key sectors.
Last month, Chinese hacking group Salt Typhoon (aka GhostEmperor, FamousSparrow, and Earth Estries) breached the systems of major US telecom companies AT&T, Verizon, and Lumen Technologies, potentially compromising wiretap systems used in criminal investigations.
Another Chinese state-sponsored threat actor Volt Typhoon hacked Singapore-based Singtel a few days back, probably in preparation for attacks against US wireless carriers, Bloomberg reported.
Considering the extensive implications of such persistent threats, telecommunications providers must invest in advanced security technologies and train their employees to recognize/respond to cyber threats. Additionally, international cooperation is essential to combat cybercrime and hold cybercriminals accountable.
RELATED TOPICS
- United Airlines Hacked by Chinese Group Behind The OPM Breach
- Chinese SMS Phishing Group Hits iPhone Users in India Post Scam
- China Hacked Federal Deposit Insurance Corporation with Malware
- Five Eyes Accuses Chinese APT40 for Hacking Government Networks
- Critical Vulnerabilities Expose Nearly 1 Million DrayTek Routers Globally