The White House has pointed fingers at telecommunications companies, blaming them for the Salt Typhoon hacks that have recently affected nine companies. The breach, according to Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technology, occurred due to the failure of these companies to implement basic cybersecurity measures.
Neuberger emphasized the need for telecom companies to enhance their cybersecurity practices by sharing threat-hunting guides and instructions for hardening their systems. These measures have already identified a new victim, bringing the total number of affected companies to nine. Despite efforts by the impacted companies to expel the hackers from their networks, the risk of further breaches remains high until all cybersecurity gaps are fully addressed.
In one instance, it was discovered that the hackers, believed to be state-affiliated actors from China, gained access to credentials for an administrator account with control over more than 100,000 routers. Additionally, the attackers erased logs of their activities, making it difficult to determine the full extent of the hack. Neuberger expressed concerns about the cybersecurity readiness of the telecom sector, stating that current networks are not adequately defended against sophisticated cyber threats like those from China.
While the White House cannot confirm the removal of the actors from the telecom networks, Neuberger mentioned that fewer than 100 individuals were directly impacted. The Chinese hackers were particularly interested in individuals located in the Washington, D.C. area, with a focus on identifying government targets for espionage and intelligence collection.
The attackers reportedly targeted the phones and data of high-profile individuals, including President-elect Donald Trump and Vice-president elect JD Vance. In response to the breaches, the White House outlined four key areas for improvement in telecom companies’ cybersecurity: configuration management, vulnerability management, network segmentation, and sector-wide information sharing. Neuberger also expressed support for new regulations proposed by the Federal Communications Commission to strengthen network security in the telecommunications sector.
These rules, modeled after similar regulations in Australia and the U.K., aim to enhance cybersecurity measures and prevent future attacks like the Salt Typhoon incident. Neuberger cited feedback from U.K. officials, who indicated that implementing such regulations could have expedited the detection and containment of the attack, reducing its impact and duration.
The White House’s efforts to address cybersecurity vulnerabilities in the telecommunications sector reflect the growing importance of protecting critical infrastructure from cyber threats. By encouraging companies to bolster their defenses and adopt best practices, policymakers aim to prevent future attacks and safeguard national security interests. As the investigation into the Salt Typhoon hacks continues, stakeholders are urged to prioritize cybersecurity measures to mitigate risks and enhance resilience against evolving cyber threats.