434/67 Friday, December 6, 2024
U.S. federal officials have issued an urgent warning to telecom companies, calling for enhanced security measures following a significant cyberattack attributed to a Chinese hacker group known as Salt Typhoon. The attack targeted personal data of Americans, including text messages, phone conversations, and metadata about dates, times, and contacts of the victims.
The Salt Typhoon campaign, detected earlier this year, involved attempts to breach the networks of several telecom companies. The impact extended beyond the U.S., prompting a joint warning from the Five Eyes intelligence alliance, which includes New Zealand, Australia, Canada, the U.S., and the U.K. Officials revealed that hackers gained access to substantial amounts of metadata, successfully extracted actual audio files from phone calls, and retrieved text message content. Although the number of directly affected victims is relatively small, they include key figures in U.S. government and politics. The FBI has already contacted some of the victims.
The FBI noted that some of the targeted data pertained to investigations by law enforcement agencies and court orders, potentially linked to surveillance programs under the Foreign Intelligence Surveillance Act (FISA).
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have recommended proactive measures for telecom companies, such as data encryption, centralized data management, and regular security audits. Jeff Greene, CISA’s Assistant Director for Cybersecurity, stated, “Implementing these measures could have stopped the Salt Typhoon campaign and made similar future attacks more difficult.” He warned that while hackers might be removed from systems for now, there is no guarantee the threat will not reemerge.
In recent months, multiple cyberattacks linked to groups from China have been reported, including botnet attacks targeting power grids and breaches of over 200,000 personal devices, such as cameras, DVRs, and routers. China has denied all allegations, and the Chinese embassy in Washington has not responded to inquiries on the matter.
The Salt Typhoon incident underscores the importance of maintaining robust security for technological infrastructure, especially as cyberattacks grow in both scope and sophistication. Officials urged involved companies to alert their customers and swiftly enhance preventive measures to address future threats effectively.
