A ninth U.S. telecom company has now been confirmed as a target in a widespread Chinese cyberespionage campaign, Salt Typhoon. This sophisticated attack has infiltrated telecom networks, compromising private communications, including phone calls and text messages. Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, revealed this latest breach, emphasizing the growing scale and impact of the campaign.
The Biden administration had previously reported that eight telecom firms and multiple countries were affected by the same hacking initiative. Hackers exploited weaknesses in telecom infrastructure to access sensitive information, such as call logs, locations, and private messages, revealing the depth of the threat.
Government Officials in the Crosshairs
Neuberger noted that while the exact number of individuals impacted by the attack remains unclear, the majority of those targeted are in the Washington-Virginia area. Many of the victims were connected to government or political work, prompting officials to believe that the hackers were focusing on government figures of interest.
The FBI has not publicly confirmed the identities of those targeted, but it is suspected that senior U.S. officials and political leaders were among the victims. However, due to the hackers’ sophisticated methods, including deleting logs, the full scale of the breach remains difficult to assess.
Need for Stronger Cybersecurity Regulations
The breach has reignited concerns about the cybersecurity vulnerabilities within the private sector, particularly in telecommunications. Neuberger called for more stringent cybersecurity measures to safeguard critical infrastructure, stating that basic protections often remain inadequate against state-backed cyber threats.
“We wouldn’t leave our homes or offices unlocked, yet we allow our critical infrastructure to be so vulnerable,” she said. Neuberger criticized voluntary cybersecurity practices, arguing they are no match for the capabilities of hackers from nations like China, Russia, and Iran.
The Federal Communications Commission (FCC) is expected to take action in the coming weeks to address these concerns, proposing stronger cybersecurity regulations for telecom providers.
Biden Administration Takes Action
In light of the breach, the Biden administration has rolled out a series of cybersecurity measures aimed at fortifying the nation’s defenses against future attacks. These measures include:
– Stricter Cybersecurity Regulations: New requirements for telecom companies to improve cybersecurity and prevent further breaches.
– Updated Security Guidelines: Technical recommendations focusing on network segmentation and configuration management to reduce the movement of hackers within networks.
– Enhanced Healthcare Protection: Strengthening cybersecurity practices to protect sensitive healthcare data.
“By segmenting the network, even if attackers gain access, we can control and contain their movement,” Neuberger explained, highlighting the importance of defensive strategies.
China Denies Involvement
In response to the accusations, China has firmly denied its involvement in the Salt Typhoon campaign. Liu Pengyu, a spokesperson for the Chinese embassy in Washington, dismissed the claims as “smear attacks,” urging the U.S. to adopt a more responsible stance when making such allegations.
“China itself is a target of international cyberattacks,” Liu said, referencing Chinese President Xi Jinping’s denial of hacking activities during his meeting with U.S. President Joe Biden at the APEC summit in Lima.
Ongoing Threat and Future Protection
Salt Typhoon, which is believed to have been active since 2022, exploited telecom infrastructure vulnerabilities to access confidential data. The successful campaign has exposed significant weaknesses in the telecom sector and has prompted a reevaluation of national security protocols.
Neuberger emphasized the importance of learning from this breach to bolster future defenses. “We must lock down our infrastructure and hold those responsible accountable,” she said.
The incident also underscored the need for improved logging and monitoring practices. Many companies failed to maintain adequate logs, hindering efforts to fully understand the scope of the breach.
