Chinese hackers associated with Beijing’s foreign intelligence service were able to maintain extensive access to vulnerable telecommunications infrastructure in the United States, allowing them to target senior government officials and political leaders. According to Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger, the hackers, known as Salt Typhoon, were able to breach communication systems in order to steal customer call records and confidential data used in law enforcement investigations.
Neuberger disclosed that the hackers were sophisticated in their tactics, covering their tracks by erasing logs and exploiting companies with inadequate logging practices. The scope of the hack, which targeted high-profile individuals mainly in the Washington, D.C. area, allowed the hackers to potentially track millions of Americans through their cellphones.
The Cybersecurity and Infrastructure Security Agency and FBI initiated investigations earlier in the year after reports surfaced about targeted attacks on major broadband providers like Verizon Communications, AT&T, and Lumen Technologies. Despite efforts to contain the breach, experts believe that Salt Typhoon still has a presence within U.S. telecommunications infrastructure.
In response to these cyber threats, Neuberger called on telecom companies to enhance their cybersecurity measures. She cited an instance where hackers compromised over 100,000 routers due to a single insecure administrator account, emphasizing the need for improved security practices within the industry. Although the victim companies and individuals have not been publicly identified, it is unclear whether sensitive records from campaign phones were accessed by the hackers.
Highlighting the significance of the breach, Neuberger stated that China continues to target critical infrastructure in the U.S., including private sector entities. She emphasized the necessity for companies to prioritize fundamental security protocols to mitigate such risks effectively.
To address the ongoing threat, the federal government is planning to take further action against Beijing in the coming months. The Federal Communications Commission intends to vote on a declaratory ruling in January to reinforce cybersecurity protections for critical U.S. infrastructure. Additionally, the General Services Administration is working on enhancing cybersecurity measures in federal contracts to safeguard government systems.
President Joe Biden recently signed an annual defense bill authorizing $3 billion to aid small and rural carriers in replacing Chinese-made equipment. The FCC’s Secure and Trusted Communications Networks Reimbursement Program, initially allocated $1.9 billion, has struggled with a funding gap of $3 billion to fully eliminate the threat posed by Chinese telecom gear.
As the U.S. government ramps up efforts to combat cyber threats from foreign adversaries, the importance of bolstering cybersecurity defenses across all sectors, particularly critical infrastructure, remains a top priority. The coordinated response from government agencies and industry stakeholders aims to safeguard national security interests and protect sensitive data from malicious actors.