Article Details
Scrape Timestamp (UTC): 2024-11-14 01:58:12.650
Source: https://www.theregister.com/2024/11/14/salt_typhoon_hacked_multiple_telecom/
Original Article Text
Click to Toggle View
China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign'. Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds. The US government has detected "a broad and significant cyber espionage campaign" conducted by China-linked attackers and directed at "multiple" US telecommunications providers' networks. In a joint statement issued on Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency (CISA), the two government bodies revealed the digital assaults resulted in "theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to US law enforcement requests pursuant to court orders." This is a step up from the two agencies' late October admission that they were on the case and actively providing assistance to affected companies and potential victims. It comes over a month after reports emerged that indicated a Chinese government-backed spy crew had breached US telecommunications networks Verizon, AT&T, and Lumen Technologies. The Wednesday announcement gets very close to verifying almost everything that has been previously reported about the incident: That, after breaking into telcos' networks, the China-linked entities – which have sometimes been labelled "Salt Typhoon" – compromised the wiretapping systems used for court-ordered surveillance; and that the snoops also targeted phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican president-elect Donald Trump and VP-elect JD Vance. The feds "continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector," the statement continued, urging any org that suspects it might be a victim to contact its local FBI field office or CISA. Earlier this week, security researchers warned that a different Chinese government-backed spy crew – Volt Typhoon – is once again compromising old Cisco routers to build a botnet to break into critical infrastructure networks and kick off cyber attacks.
Daily Brief Summary
The U.S. government has identified a significant cyber espionage operation by China-affiliated groups targeting American telecommunications companies.
This campaign involved the theft of customer call records and the interception of communications from individuals predominantly in government or political roles.
Attackers gained access to systems used for court-ordered surveillance, jeopardizing sensitive law enforcement data.
Entities often referenced as "Salt Typhoon" have been implicated in these breaches, which affected major providers including Verizon, AT&T, and Lumen Technologies.
The FBI and CISA issued a joint warning, confirming much of the information previously reported over the past month regarding the breaches.
In addition to ongoing investigations, federal agencies are aiding the affected companies, enhancing cybersecurity defenses, and urging other potential victims to come forward.
This espionage act comes shortly after revelations about another Chinese group, "Volt Typhoon," exploiting vulnerabilities in network infrastructure to facilitate further attacks on critical systems.