Ninth US Telecom Breached by Chinese Hackers


The White House has confirmed that a ninth U.S. telecommunications company has fallen victim to the ‘Salt Typhoon’ campaign, a sophisticated cyberattack attributed to Chinese hackers.

This breach, which has now impacted at least nine major telecom providers in the U.S., has allowed hackers to steal metadata and, in some cases, the content of phone calls and text messages, raising alarms over national security and privacy concerns.

The ‘Salt Typhoon’ campaign, which reportedly began in 2022, has exploited vulnerabilities in devices like routers, switches, and firewalls operated by telecom giants such as AT&T, Verizon, and Lumen Technologies.

By gaining persistent access to these networks, hackers have been able to collect large-scale data, including metadata that details the communication patterns of individuals and, in some instances, intercept the actual content of communications.

Deputy National Security Adviser Anne Neuberger revealed that the hackers managed to infiltrate the communications of high-ranking U.S. government officials and political leaders, although she assured that ‘classified communications’ remained secure.

Campaign Targeted Individuals

The campaign has targeted a substantial number of individuals, with the goal of identifying government targets for further espionage and intelligence collection, according to an AP News report.

The FBI has noted that the hackers obtained metadata detailing “where, when, and who specific individuals were communicating with,” which could potentially expose sensitive counterintelligence operations.

This breach has also compromised backdoor systems used by law enforcement for court-ordered surveillance, adding another layer of complexity to the situation.

The scope of the attack is vast, with hackers gaining “broad and full access” to American data, allowing them to geolocate millions of individuals and record phone calls at will. Neuberger highlighted that while the number of individuals targeted for direct communication theft was probably less than 100, the impact on privacy and security is profound.

In response to these breaches, the U.S. government has taken several steps. The Federal Communications Commission (FCC) is being urged to formalize new security requirements for phone carriers, moving away from voluntary cybersecurity practices that have proven inadequate against nation-state actors like China.

Additionally, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), has established a working group to address threats to U.S. national security and critical infrastructure.

The Department of Health and Human Services is also set to propose new rules to enhance security requirements under HIPAA, aiming to protect healthcare data from similar cyber threats.

This incident underscores the persistent weaknesses in organizational cybersecurity practices, as noted by cybersecurity expert Richard Forno, who described the attack as “breathtaking in its scope and severity.” The U.S. is now focusing on holding China accountable and working with telecom companies to refine cybersecurity guidance to prevent future large-scale hacking campaigns.
