Hackers for the Chinese government were able to deeply penetrate U.S. telecommunications infrastructure in ways that President Joe Biden’s administration hasn’t yet acknowledged, according to new reports from the Washington Post and New York Times. The hackers were able to listen to phone calls and read text messages, reportedly exploiting the system U.S. authorities use to wiretap Americans in criminal cases. The worst part? The networks are still compromised and it may take incredibly drastic measures to boot them from U.S. systems.
The hackers behind the infiltration of U.S. telecom infrastructure are known to Western intelligence agencies as Salt Typhoon, and this particular breach of U.S. equipment was first reported in early October by the Wall Street Journal. But Sen. Mark Warner, a Democrat from Virginia, spoke with the Washington Post and New York Times this week to warn the public that this is so much worse than we initially thought, dubbing it “the worst telecom hack in our nation’s history.” And those articles based on Warner’s warnings were published late Thursday.
Warner is chairman of the U.S. Senate Intelligence Committee and a former venture capitalist who bet big on telecom in the 1980s and 90s, making him uniquely qualified to talk about threats to U.S. communications infrastructure. And he says it’s really bad. “My hair’s on fire,” Warner told the Post.
Hackers weren’t able to monitor or intercept anything encrypted, according to the Times, which means that conversations over apps like Signal and Apple’s iMessage were probably protected. But texts between Apple devices and Android devices, for instance, aren’t end-to-end encrypted in the same way, meaning they were vulnerable to interception by Salt Typhoon, according to the Times.
Warner told the Post that the infiltration wasn’t directly related to the U.S. elections on Nov. 5, noting that hackers breached the system “months earlier,” and in some cases more than a year ago, though that logic is a bit confusing. If you wanted to hack a system and be prepared to gather intelligence for the election, you’d naturally want to do that well before the election. A spokesperson for Warner clarified through email Friday morning that the senator was saying this was “an espionage effort as opposed to an effort to influence the election.”
As for the targets, the Post reports fewer than 150 people have been identified as having their text messages or phone calls monitored and the FBI has been in contact with them. Most of the people are in the Washington DC area, which makes sense if the hackers were interested in political targets. But 150 people can communicate with a lot of people, even in a short period, so the number of targets could be in the “millions,” according to Warner. You get the sense U.S. authorities have no real idea how many people have been impacted, given the scope of the intrusion.
The details about how the hackers were able to push so deeply into U.S. systems are still scarce, but it has something to do with the ways in which U.S. authorities wiretap suspects in this country with a court order. The monitoring of phone calls wasn’t 24/7, according to Warner, but he didn’t seem to elaborate to the Times on what that meant.
From the Times:
Investigators believe that, so far, the Chinese hackers lack the ability to go back into the records they gained access to and listen to past calls. But they could gather metadata about previous calls—the phone numbers called, the length of the calls and perhaps the rough location of the cellphones involved. Even if they did not listen to many calls, the metadata and geolocation data the Chinese have gathered of important American officials are alarming.
All the major U.S. carriers, including AT&T, Verizon, and T-Mobile, were impacted, according to the Post. Incredibly, Warner says the hackers are still inside the U.S. system and there’s no obvious way to get them out that doesn’t involve physically replacing old equipment.
“This is massive, and we have a particularly vulnerable system,” Warner told the Post. “Unlike some of the European countries where you might have a single telco, our networks are a hodgepodge of old networks. […] The big networks are combinations of a whole series of acquisitions, and you have equipment out there that’s so old it’s unpatchable.”
With less than two months before inauguration day, this will soon become the problem of President Donald Trump, who talks tough on China but received at least $7.8 million from the country through payments to Trump Tower in New York and Trump hotels in DC and Las Vegas, according to a report in early 2024 from the House Oversight Committee. Trump’s pick for head of the FCC, Brendan Carr, told the Post he’d received briefings on Salt Typhoon but spoke very generally about what was ahead.
“Cybersecurity is going to be an incredibly important issue,” Carr said, according to the Post. “National security is going to be a top priority.”