Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime
Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks
Congress is demanding responses from telecom giants over reports that suspected Chinese hackers breached the infrastructure of major broadband providers, specifically targeting systems involved in court-authorized wiretaps.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
The FBI and Cybersecurity and Infrastructure Security Agency launched probes into the apparent espionage campaign after Wall Street Journal first reported that a Beijing-linked threat actor known as Salt Typhoon infiltrated broadband systems in the United States (see: Feds Probe Chinese ‘Salt Typhoon’ Hack of Major Telcos). The attack “appears to be geared towards intelligence collection” and is “extremely alarming for both economic and national security reasons,” a bipartisan group of lawmakers wrote in letters sent Friday to AT&T, Verizon and Lumen.
“Chinese hackers potentially accessed vulnerable information including court-authorized network wiretapping requests and internet traffic,” wrote House Energy and Commerce Committee Chair Cathy McMorris Rodgers, R-Wash.; Ranking Member Frank Pallone, Jr., D-N.J.; Communications and Technology Subcommittee Chair Bob Latta, R-Ohio; and Ranking Member Doris Matsui, D-Calif. “In an age where Americans rely heavily on your services for communication and connectivity, the integrity of your networks is paramount.”
Salt Typhoon – also known as GhostEmperor and FamousSparrow – has been previously connected to China’s Ministry of State Security, a major force in Beijing’s foreign intelligence efforts, and has been active since 2019. According to the Washington Post, the group’s most recent breach aimed to identify “Chinese targets of American surveillance.”
The letter said breaches targeting U.S. communications networks “are increasing in frequency and severity” and added that there is “growing concern regarding the cybersecurity vulnerabilities” embedded in the nation’s telecommunications infrastructure.
The lawmakers requested briefings from the three companies as early as Friday and sought answers to several questions, including when they first became aware of the network breaches, which law enforcement agencies they contacted and what steps they have taken to inform customers about the hacking and any potentially compromised data. The letter also asked for information about the measures the companies are implementing to address security vulnerabilities and what legislative actions Congress could consider to help protect U.S. broadband network infrastructure.
Sen. Ron Wyden, D-Ore., also sent a letter to Federal Communications Commission Chairwoman Jessica Rosenworcel and Attorney General Merrick Garland demanding the federal government “finally act to secure U.S. telephone and broadband companies’ wiretapping systems from hackers.”
“The government has never adopted mandatory security standards for these highly sensitive systems, which has reportedly resulted in serious harm to national security,” Wyden wrote, adding: “These telecommunications companies are responsible for their lax cybersecurity and their failure to secure their own systems, but the government shares much of the blame.”
Growing concerns around Chinese cyber espionage operations come after CISA recently warned that hackers associated with Beijing have maintained access and footholds in some U.S. critical infrastructure information technology environments “for at least five years” (see: Chinese Hackers Preparing ‘Destructive Attacks,’ CISA Warns).
AT&T, Verizon and Lumen have not publicly commented yet on the reported breaches, and did not immediately return requests for comment.