Following a massive Chinese hacking campaign that gave officials in Beijing access to the private texts and phone conversations of an undetermined number of Americans, federal authorities urged telecom providers on Tuesday to strengthen network security.
The goal of the FBI and the Cybersecurity and Infrastructure Security Agency’s guidelines is to assist in identifying the hackers and stopping future instances of this kind of cyberespionage.
The U.S. is still unaware of the full scale of China’s attack and the degree to which Chinese hackers still have access to American networks, according to officials who briefed reporters on the proposals.
The government’s warning was released in coordination with security agencies from New Zealand, Australia, and Canada—all of which are part of the Five Eyes intelligence alliance, including the United States and Britain—as an indication of the global scope of China’s hacking activities.
The extensive cyberespionage campaign, which researchers have dubbed Salt Typhoon, began earlier this year when hackers attempted to breach the networks of many telecom companies.
The hackers targeted the metadata of numerous consumers, including the dates, timings, and recipients of calls and texts, by using their access to telecom networks.
Laptops 1000A significantly lesser proportion of victims had their actual audio call files and text message content recovered by the hackers.
Although officials stated that telecom companies are responsible for informing consumers who are part of the first larger group, the FBI has contacted victims in this group, many of whom are employed in government or politics.
The whole scope of China’s operation, including the number of victims or if the hackers still have some access to information, is still unknown despite months of investigation.
The FBI claims that some of the data the hackers sought was related to court orders and U.S. law enforcement investigations, raising the possibility that the hackers were attempting to get access to programs covered by the Foreign Intelligence Surveillance Act, or FISA.
The law gives American intelligence services broad authority to monitor communications from anyone who may be suspected of being a foreign power agent.
However, officials stated on Tuesday that they believe the hackers had a broader goal in mind, intending to penetrate the country’s telecommunications networks to obtain extensive access to American data.
Mostly technical, the recommendations made to telecom providers on Tuesday call for encryption, centralization, and constant monitoring to prevent cyber breaches
According to Jeff Greene, CISA’s executive assistant director for cybersecurity and one of the officials who briefed reporters Tuesday, if the security measures are put in place, they could help disrupt the Salt Typhoon operation and make it more difficult for China or any other country to launch a similar attack in the future.
Greene stated, “We don’t have any illusion that once we kick off these actors, they won’t return.”
China has been implicated in several high-profile hacking instances in recent years, which officials claim are part of Beijing’s attempt to obtain access to vital infrastructure, including the electrical grid, while simultaneously stealing government and technical secrets.
The FBI declared in September that it had stopped a massive Chinese hacking operation that had infected over 200,000 consumer devices, including routers for homes and offices, cameras, and video recorders, with malicious software.
The gadgets were then used to build a vast botnet—a compromised computer network—that could be exploited to commit additional cybercrimes.
Officials reported in October that Chinese hackers had targeted the phones of Democratic nominee Vice President Kamala Harris, then-President Donald Trump, and Sen. JD Vance, his running partner.
U.S. officials have accused China of cyberespionage targeting Americans, a claim that China has denied.
A representative for China’s embassy in Washington referred to the American accusations as “disinformation” on Tuesday.
In a statement sent via email, spokesperson Liu Pengyu said that the Chinese government “firmly opposes and combats all kinds of cyber attacks.” “The United States must cease its cyberattacks against other nations and abstain from using cyberspace to disparage and defame China.”
