FBI tells telecom firms to boost security following wide-ranging Chinese hacking campaign
Advertisement
Read this article for free:
or
Already have an account? Log in here »
To continue reading, please subscribe:
Monthly Digital Subscription
$0 for the first 4 weeks*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*No charge for 4 weeks then price increases to the regular rate of $19.00 plus GST every four weeks. Offer available to new and qualified returning subscribers only. Cancel any time.
Monthly Digital Subscription
$4.75/week*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*Billed as $19 plus GST every four weeks. Cancel any time.
To continue reading, please subscribe:
Add Free Press access to your Brandon Sun subscription for only an additional
$1 for the first 4 weeks*
*Your next subscription payment will increase by $1.00 and you will be charged $16.99 plus GST for four weeks. After four weeks, your payment will increase to $23.99 plus GST every four weeks.
Read unlimited articles for free today:
or
Already have an account? Log in here »
Hey there, time traveller!
This article was published 03/12/2024 (367 days ago), so information in it may no longer be current.
WASHINGTON (AP) — Federal authorities on Tuesday urged telecommunication companies to boost network security following a sprawling Chinese hacking campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.
The guidance issued by the FBI and the Cybersecurity and Infrastructure Security Agency is intended to help root out the hackers and prevent similar cyberespionage in the future. Officials who briefed reporters on the recommendations said the U.S. still doesn’t know the true scope of China’s attack or the extent to which Chinese hackers still have access to U.S. networks.
In one sign of the global reach of China’s hacking efforts, the government’s warning was issued jointly with security agencies in New Zealand, Australia and Canada, members of the Five Eyes intelligence alliance, which also includes the U.S. and Britain.
Dubbed Salt Typhoon by analysts, the wide-ranging cyberespionage campaign emerged earlier this year after hackers sought to penetrate the networks of multiple telecommunications companies.
The hackers used their access to telecom networks to target the metadata of a large number of customers, including information on the dates, times and recipients of calls and texts.
The hackers succeeded in retrieving the actual audio files of calls and content from texts from a much smaller number of victims. The FBI has contacted victims in this group, many of whom work in government or politics, but officials said it is up to telecom companies to notify customers included in the first, larger group.
Despite months of investigation, the true scale of China’s operation, including the total number of victims or whether the hackers still have some access to information, is currently unknown.
The FBI has said some of the information targeted by the hackers relates to U.S. law enforcement investigations and court orders, suggesting the hackers may have been trying to access programs subject to the Foreign Intelligence Surveillance Act, or FISA. The law grants American spy agencies sweeping powers to surveil the communications of people suspected of being agents of a foreign power.
But on Tuesday, officials said they think the hackers were more broadly motivated, hoping to burrow deeply into the nation’s telecommunications systems to gain wide access to Americans’ information.
The suggestions for telecom companies released Tuesday are largely technical in nature, urging encryption, centralization and consistent monitoring to deter cyber intrusions. If implemented, the security precautions could help disrupt the Salt Typhoon operation and make it harder for China or any other nation to mount a similar attack in the future, said Jeff Greene, CISA’s executive assistant director for cybersecurity and one of the officials who briefed reporters Tuesday.
“We don’t have any illusion that once we kick off these actors they’re not going to come back,” Greene said.
Several recent high-profile hacking incidents have been linked to China and what officials say is Beijing’s effort to steal technical and government secrets while also gaining access to critical infrastructure such as the electrical grid.
In September, the FBI announced that it had disrupted a vast Chinese hacking operation that involved the installation of malicious software on more than 200,000 consumer devices, including cameras, video recorders and home and office routers. The devices were then used to create a massive network of infected computers, or botnet, that could then be used to carry out other cyber crimes.
In October, officials said hackers linked to China targeted the phones of then-presidential candidate Donald Trump and his running mate, Sen. JD Vance, along with people associated with Democratic candidate Vice President Kamala Harris.
China has rejected accusations from U.S. officials that it engages in cyberespionage directed against Americans.
On Tuesday, a spokesperson for China’s embassy in Washington called the U.S. allegations “disinformation.”
China’s government “firmly opposes and combats all kinds of cyber attacks,” spokesperson Liu Pengyu wrote in a statement emailed to The Associated Press. “The US needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China.”