Months after the initial discovery, Chinese state-sponsored hackers remain embedded within US telecommunications infrastructure, raising serious concerns about the security of our communications.
Back in the spring, reports emerged of a widespread hacking campaign dubbed “Salt Typhoon,” attributed to Chinese intelligence agencies. Now, senior US officials have confirmed that these hackers are proving difficult to dislodge, despite ongoing investigations and mitigation efforts.
As reported by Axios on December 3rd, 2024, “This is the first time U.S. officials have confirmed reports that Salt Typhoon hackers still have access to critical infrastructure — and they’re proving difficult to kick out.”
What’s at Stake?
The breach has granted these hackers “unprecedented access to records from U.S. telecommunications networks about who Americans are communicating with,” according to a senior FBI official quoted in the Axios article. This includes call metadata, and in some cases, the ability to intercept text messages and listen in on phone calls.
While the full extent of the intrusion remains unclear, officials believe that “most of the people who were caught up in this wide-reaching collection are believed to be in the D.C. metro area,” Axios reports.
What’s Being Done?
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued guidance to help telecom companies strengthen their defenses. This includes basic security hygiene measures such as:
- Maintaining comprehensive logs of network activity
- Keeping an inventory of all devices within the network
- Changing default passwords on equipment
However, officials concede that they don’t know when these hackers will be fully expelled from US networks. “It would be impossible for us to predict a time frame on when we’ll have full evictions,” stated Jeff Greene, a senior CISA official, as quoted by MSN in their article published on December 5th, 2024.
What Can You Do?
For now, government employees are being advised to use encrypted messaging apps to protect their communications. While the average person might not be a high-value target, it’s a good reminder for everyone to be mindful of their digital security and consider using encrypted communication tools for sensitive conversations.
This ongoing situation underscores the vulnerability of critical infrastructure to cyber espionage and highlights the need for constant vigilance and proactive security measures.
References:
- Axios: https://www.axios.com/2024/12/03/salt-typhoon-china-phone-hacks
- MSN: https://www.msn.com/en-us/politics/government/dozens-of-countries-hit-in-chinese-telecom-hacking-campaign-top-u-s-official-says/ar-AA1vhhRM
- Slashdot: https://news.slashdot.org/story/24/12/03/2159242/telcos-struggle-to-boot-chinese-hackers-from-networks