Chinese Hackers Access US Telecom Firms in Extensive Espionage Operation

Chinese hackers have infiltrated the networks of at least three major U.S. telecommunications providers, including Verizon, AT&T, and Lumen.

This breach, reportedly aimed at uncovering the targets of American surveillance, has sparked serious concerns about its depth and potential impact.

Extensive Access and Potential Targets

The hackers, believed to be linked to China’s Ministry of State Security (MSS), specifically a group known as Salt Typhoon, have maintained access to these telecom giants’ systems for several months.

Their primary focus appears to be information related to lawful federal requests for wiretaps, but their access may have extended to general internet traffic as well.

Brandon Wales, former executive director at the DHS’s Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, described the operation as having “all the hallmarks of an espionage campaign — one with potentially deep access to the most important communication companies in the country.”

The ramifications of this breach are “potentially staggering,” he added.

Chinese Response and Denial

In response to these allegations, Liu Pengyu, a spokesman for the Chinese Embassy in Washington, denied any involvement by the Chinese government.

He accused the U.S. intelligence community and cybersecurity firms of fabricating evidence and spreading disinformation about China’s role in cyberattacks.

Liu Pengyu emphasized that China is also a victim of cyberattacks.

However, if China’s state-sponsored hackers have indeed accessed lists of federal surveillance targets or their communications, it could provide them with a significant advantage in countering U.S. intelligence efforts.

Ongoing Investigation and Security Concerns

The breach has prompted an extensive investigation involving the FBI, U.S. intelligence agencies, and the Department of Homeland Security.

At Verizon’s facility in Ashburn, Virginia, a war room has been established with personnel from the FBI, Microsoft, and Google’s Mandiant security division working to address the intrusion.

According to the WSJ report, the hackers exfiltrated data by reconfiguring Cisco routers within Verizon’s networks, showcasing their sophistication and raising concerns about existing security measures.

This operation by Salt Typhoon is distinct from other intrusions by Chinese hackers affiliated with the People’s Liberation Army, known as Volt Typhoon, which have targeted U.S. critical infrastructure in recent years. U.S. officials have yet to find evidence suggesting coordination between these two campaigns.

AnuPriya
AnuPriya is a cybersecurity reporter at Cyber Press, specializing in cyber attacks, dark web monitoring, data breaches, vulnerabilities, and malware. She delivers in-depth analysis on emerging threats and digital security trends.
