U.S. Officials Offer Warnings and Guidance in the Wake of Salt Typhoon Cyberespionage Attacks
Hackers affiliated with the Chinese government have compromised the networks of multiple U.S. telecommunication companies to obtain call records and gain access to a limited number of individuals’ private communications, U.S. agencies warned in November. Now, federal officials are urging telecommunication companies to boost network security and recommending that Americans turn to encrypted communications to keep their interactions safe.
The alleged Chinese cyberespionage efforts, collectively dubbed Salt Typhoon, affected AT&T, Verizon, and T-Mobile networks, among others. The true scope of the attack and the extent to which the hackers still have access to U.S. networks remain unknown.
The malicious actors generally obtained three types of information: call records or metadata; live phone calls of some specific targets; and systems that telecoms use to let law enforcement and intelligence agencies with court orders track people’s communications. The FBI declined to say if any classified material was accessed.
People’s Republic of China (PRC) officials have denied the allegations and described them as disinformation.
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), FBI, and international partners published a joint guide yesterday to provide best practices to protect against PRC-affiliated threats. The practices include increased monitoring, boosted network management capabilities, and system and device hardening.
“The PRC-affiliated cyber activity poses a serious threat to critical infrastructure, government agencies, and businesses. This guide will help telecommunications and other organizations detect and prevent compromises by the PRC and other cyber actors,” said CISA Executive Assistant Director for Cybersecurity Jeff Greene in an agency news release. “Along with our U.S. and international partners, we urge software manufacturers to incorporate Secure by Design principles into their development lifecycle to strengthen the security posture of their customers. Software manufacturers should review our Secure by Design resources and put their principles into practice.”
Meanwhile, U.S. officials in the FBI and CISA recommended that Americans turn to encrypted messaging apps to keep communications hidden from malicious actors, NBC News reported.