FBI warns telecommunications companies to increase security after widespread Chinese hacking of Americans’ text messages and phone calls

WASHINGTON – Federal authorities on Tuesday urged telecommunications companies to increase network security a large-scale Chinese hacking campaign that gave officials in Beijing access to the private text messages and phone calls of an unknown number of Americans.

The guidelines issued by the FBI and the Cybersecurity and Infrastructure Security Agency are intended to assist root out hackers and prevent similar cyberespionage in the future. Officials who briefed reporters on the recommendations said the United States still does not know the true scope of the Chinese attack or the extent to which Chinese hackers still have access to American networks.

In one sign of the global reach of China’s hacking efforts, the government issued a warning jointly with security agencies in New Zealand, Australia and Canada, which are members of the Five Eyes intelligence alliance, which also includes the United States and Britain.

The large-scale cyber espionage campaign, dubbed Salt Typhoon by analysts, began earlier this year after hackers tried to infiltrate the networks of numerous telecommunications companies.

Hackers used their access to telecommunications networks to attack the metadata of a vast number of customers, including information about dates, times and recipients of calls and text messages.

Hackers managed to recover actual audio files of calls and text messages from a much smaller number of victims. The FBI has contacted victims of this group, many of whom work in government or politics, but officials say it is up to telecommunications companies to notify customers in the first, larger group.

Despite months of investigation, the true scale of China’s actions, including the total number of victims and whether hackers still have access to the information, are currently unknown.

The FBI says some of the information targeted by the hackers relates to U.S. law enforcement investigations and court orders, suggesting the hackers may have been trying to access programs subject to the Foreign Intelligence Surveillance Act (FISA). The law gives U.S. spy agencies broad powers to surveil the communications of people suspected of being agents of a foreign power.

But officials said Tuesday that they believed the hackers had a broader motivation and hoped to penetrate deep into the nation’s telecommunications systems to gain broad access to Americans’ information.

The proposals for telecommunications companies published Tuesday are largely technical in nature and require encryption, centralization and consistent monitoring to deter cyber intrusions. If implemented, the security measures could assist disrupt Operation Salt Typhoon and make it more hard for China or another country to launch a similar attack in the future, said Jeff Greene, CISA’s deputy executive director for cybersecurity and one of the officials who briefed reporters Tuesday.

“We have no illusions that if we fire these actors, they won’t come back to us,” Greene said.

Several high-profile hacking incidents have been linked to China, with officials saying Beijing is trying to steal technical and government secrets while gaining access to critical infrastructure such as the electrical grid.

In September, the FBI announced that it had disrupted a large-scale Chinese hacking operation which involved the installation of malware on more than 200,000 consumer devices, including cameras, video recorders, and home and office routers. The devices were then used to create a huge network of infected computers, or botnets, which could then be used to carry out other cybercrimes.

In October, officials said the hackers were linked to China they were aiming at their phones then-presidential candidate Donald Trump and his running mate, Senator J.D. Vance, as well as individuals associated with Democratic vice presidential candidate Kamala Harris.

China has rejected accusations by US officials of engaging in cyber espionage against Americans.

On Tuesday, a spokesman for the Chinese embassy in Washington called the U.S. allegations “disinformation.”

China’s government “firmly opposes and combats all types of cyberattacks,” spokesman Liu Pengyu wrote in a statement emailed to The Associated Press. “The United States must stop its own cyberattacks on other countries and refrain from using cybersecurity to smear and denigrate China.”

Get in Touch

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related Articles

Latest Posts