Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign'

Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds
Updated The US government has confirmed there was "a broad and significant cyber espionage campaign" conducted by China-linked snoops against "multiple" American telecommunications providers' networks.

In a joint statement issued on Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency (CISA), the two government bodies said the previously-reported digital assaults resulted in the "theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to US law enforcement requests pursuant to court orders."

This is a step up from the two agencies' late October revelation that they were on the case and actively providing assistance to affected companies and potential victims. It comes over a month after reports emerged that indicated a Chinese government-backed spy crew had breached US telecommunications networks at Verizon, AT&T, and Lumen Technologies.

The Wednesday announcement gets very close to verifying almost everything that has been previously reported about the affair: That, after breaking into telcos' networks, the China-linked entities – which have sometimes been labelled "Salt Typhoon" – compromised the wiretapping systems used for court-ordered surveillance; and that the snoops also targeted phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican president-elect Donald Trump and VP-elect JD Vance.

In other words, here's some official acknowledgement of China drilling into American communications networks.

The Feds "continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector," the statement continued, urging any org that suspects it might be a victim to contact its local FBI field office or CISA.

Earlier this week, security researchers warned that a different Chinese government-backed spy crew – Volt Typhoon – is once again compromising old Cisco routers to build a botnet to break into critical infrastructure networks and kick off cyber attacks. ®

Updated to add on November 15

Reportedly, T-Mobile US and telecoms organizations outside of America, as well as inside, were also hit by Salt Typhoon.
