Article Details

Chinese hackers also breached Charter and Windstream networks. ​More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. This comes after AT&T, Verizon, and Lumen confirmed on December 30 that they have evicted the hackers from their networks. After breaching their networks, the Salt Typhoon hackers gained access to targeted individuals' text messages, voicemails, and phone calls, as well as wiretap information of those investigated by U.S. law enforcement. T-Mobile also disclosed in November that unknown attackers compromised some of its routers in a network reconnaissance attempt after connecting from a linked wireline provider's network. However, the company's Chief Security Officer, Jeff Simon, didn't link the hack to Salt Typhoon and said the carrier's cyber defenses stopped the attack. Over the weekend, sources familiar with the matter told the Wall Street Journal that the Chinese hackers have also breached the systems of Charter Communications, Consolidated Communications, and Windstream. When asked for confirmation, a Windstream spokesperson told BleepingComputer that the company doesn't "have anything to share." Charter and Consolidated Communications didn't reply to requests for comment when BleepingComputer reached out earlier today. While Anne Neuberger, the White House's deputy national security adviser for cyber and emerging technologies, told reporters on December 27 that the Chinese hackers breached nine U.S. telecoms, it's unknown whether these three carriers are among them or add to the list. Neuberger also said in an early December press briefing that Salt Typhoon had breached telecom companies in dozens of other countries. Following this wave of telecom breaches that have impacted numerous countries, CISA has advised senior government officials to switch to end-to-end encrypted messaging apps like Signal to mitigate communication interception risks. Additionally, the cybersecurity agency has released guidance to assist telecom administrators and engineers in strengthening their systems against Salt Typhoon attacks. U.S. Senator Ron Wyden of Oregon also announced a new bill to secure the infrastructure of American telecoms, while FCC Chairwoman Jessica Rosenworcel said the agency would act "urgently" to ensure that U.S. carriers are required to secure their networks against cyberattacks. In response to these telecom hacks, the U.S. government reportedly plans to ban China Telecom's last active operations in the United States. Additionally, U.S. authorities are considering banning TP-Link routers if ongoing investigations reveal that their use in cyberattacks poses a national security risk. The Treasury Department also linked Chinese-sponsored hackers last week to a recent breach of the agency's Office of Foreign Assets Control (OFAC), which administers trade and economic sanctions programs, in what it described as a "major cybersecurity incident."