China’s hack of the US telecom industry, already dubbed the “worst telecom hack in our nation’s history — by far,” should serve as a stark warning against encryption backdoors.
According to multiple reports, the Chinese government sponsored a hacking campaign—carried out by a group called Salt Typhoon—in a successful attempt to compromise US telecom companies and use that access to spy on high-value targets.
Senator Mark R. Warner, chairman of the Senate Intelligence Committee, minced no words in describing how bad the hack was, saying it is the “worst telecom hack in our nation’s history — by far,” according to The Washington Post.
“My hair’s on fire,” Warner said. He went on to say “the American people need to know” the gravity of the situation.
“This is an ongoing effort by China to infiltrate telecom systems around the world, to exfiltrate huge amounts of data,” he added.
In a joint statement, the FBI and CISA addressed the hack, saying the number of known compromised accounts remains low, but is likely to increase as the investigation continues.
The U.S. government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.
Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector. We encourage any organization that believes it might be a victim to engage its local FBI Field Office or CISA.
The Post says that most of the impacted accounts are centered in the D.C. area, with the hack clearly targeting government officials. As the FBI and CISA point out, however, the full extent of the operation is likely much larger and will only become apparent with more investigation.