Over the weekend, Salt Typhoon, a group of Chinese state-backed hackers, allegedly targeted three major communication companies: Charter Communications, Consolidated Communications, and Windstream. This attack comes after Salt Typhoon had previously targeted other communication companies and internet service providers like AT&T, Verizon, and Lumen, gaining access to text messages, voicemails, and phone calls.
Anne Neuberger, White House deputy national security adviser for cyber and emerging technologies, revealed that nine US telecoms have already been targeted and breached by Chinese hackers. It remains unclear whether the latest three companies are part of this list.
With the increasing number of cyberattacks by Salt Typhoon on US telecommunications companies, the Cybersecurity and Infrastructure Security Agency (CISA) has recommended that senior government officials switch to end-to-end encrypted messaging apps, such as Signal, to reduce the risk of interception.
Chris Hauk, consumer privacy advocate at Pixel Privacy, advised potential targets of Chinese hackers to follow the steps outlined by the FBI and NSA to strengthen their systems against attacks. These steps include patching and upgrading apps and devices, restricting the types of connections and privileged accounts, and using strong encryption to enhance system security.
In response to threats from Chinese threat groups, the US Department of Treasury sanctioned Integrity Technology Group, a Chinese cybersecurity company, for its involvement in incidents led by Flax Typhoon against US targets. This action follows an attack on the Treasury Department by another Chinese state-sponsored threat actor.
Furthermore, US Senator Ron Wyden introduced a bill aimed at securing American telecom infrastructure, while Federal Communications Commission (FCC) chair Jessica Rosenworcel emphasized that the agency will swiftly take action to ensure the cybersecurity of US carriers.
These developments underscore the escalating cyber threats posed by state-backed hackers like Salt Typhoon and the urgent need for robust cybersecurity measures to protect critical infrastructure and sensitive data. As governments and organizations worldwide grapple with the challenges of defending against sophisticated cyberattacks, collaboration and vigilance are key to staying one step ahead of cyber adversaries.