Getty Images/iStockphoto
Risk & Repeat: China hacks major telecom companies
The FBI and CISA confirmed reports that Salt Typhoon breached several major telecom companies and accessed data related to law enforcement requests.
The FBI and CISA revealed this month that a Chinese nation-state threat group breached several U.S. telecommunications carriers, activity that reflects the scale and severity of China's hacking efforts.
The agencies confirmed recent reports of telecom breaches in a joint statement published last week, saying the People's Republic of China (PRC) was conducting a "broad and significant cyber espionage campaign" to spy on government and political leaders.
"Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders," the joint statement read.
This statement came more than a month after The Wall Street Journal (WSJ) broke a story regarding the Chinese government breaching U.S. telecom and broadband providers such as Verizon, Lumen Technologies and AT&T. T-Mobile later confirmed it had been compromised as well, although the exact extent remains unclear. The WSJ reported the attacks were carried out by a Chinese nation-state group known as Salt Typhoon.
The compromise of multiple telecom giants follows a slew of PRC-related threat activity in recent months. On Friday, Volexity reported that a Chinese APT was exploiting a vulnerability in Fortinet's Windows VPN client that was first reported to the vendor in July. Additionally, the U.S. government disrupted two Chinese state-sponsored botnets, one early in the year and one in September, that threat actors used to conduct attacks against various organizations.
TechTarget editors Rob Wright and Alex Culafi discuss the telecom breaches and China's recent hacking efforts in this Risk & Repeat podcast episode.
Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.