Washington – Federal authorities are urgently investigating a cyberattack linked to China-backed hackers who targeted major US telecommunications companies and systems used for key government intelligence-gathering capabilities, a US official familiar with the matter confirmed to CBS News.
The hacking group known as “Salt Typhoon” has affected numerous companies, including Verizon, AT&T and Lumen Technologies. The official, who spoke on condition of anonymity, said the depth and severity of the hack are not yet clear.
According to the official, the Chinese hackers have compromised systems used by U.S. intelligence agencies to conduct wiretaps, and both government agencies and the affected private companies are trying to determine what information, if any, the malicious actors may have collected.
The hack was first reported by the Wall Street Journal. The FBI and other federal agencies, including the Cybersecurity and Infrastructure Security Agency, are currently investigating the cyber breach. The FBI, Justice Department and CISA did not comment.
AT&T and Lumen Technologies declined to comment for this report. Verizon did not immediately respond to CBS News’ request for comment.
What were the hackers targeting?
U.S. intelligence officials routinely seek court permission to use telecom systems like the one targeted in the breach to gather information for law enforcement or national security investigations. The U.S. official told CBS News that the China-backed hackers targeted U.S. surveillance capabilities used for operations including wiretaps, and investigators are now trying to determine how deeply the Chinese accessed the networks.
One fear is that the cyberattacks could have given the hackers access to information about ongoing US investigations – including those related to China – by collecting sensitive data and techniques.
What are US lawmakers saying?
In light of the reported hack, Senator Ron Wyden, an Oregon Democrat, urged the Justice Department and the Federal Communications Commission to implement mandatory, uniform security standards for telecom companies’ eavesdropping systems.
“The recently reported hack of U.S. telecommunications companies’ wiretaps should be a major wake-up call to the government,” Wyden said in a letter to FCC Chairman Jessica Rosenworcel and Attorney General Merrick Garland. “The DOJ’s outdated regulatory framework and failed approach to combating cyberattacks by protecting negligent companies must be addressed. The security of our nation’s communications infrastructure is of the utmost importance, and the government must take action now to correct these long-standing vulnerabilities.”
More specifically, Wyden asked the FCC to establish “baseline” cybersecurity standards for the telecom companies, enforceable through fines, and to require independent annual cybersecurity audits by third parties, among other things.
He asked the Justice Department to hold “negligent” companies accountable and be transparent about data breaches with Congress, researchers and the public. He said the government should prioritize companies’ responsibility for poor cybersecurity over prosecuting foreign hackers, as these hackers are rarely successfully brought to justice.
What else has China done?
FBI Director Christopher Wray and other top US officials have done the same long warned about China’s cyber threats. Hackers backed by the Chinese government has recently targeted U.S. water treatment plants and power grids, strategically positioning themselves within critical infrastructure systems to “wreak havoc and inflict real harm on American citizens and communities,” Wray told Congress in January.
Earlier this year, CISA officials issued a public advisory claiming that hackers, backed by China, are “seeking to prepare on IT networks for disruptive or destructive cyber attacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States. States.”
And in recent years, federal Justice Department officials have warned about China’s efforts to steal sensitive U.S. technological information to boost their own domestic capabilities.
A years-long cyber operation led by a notorious Chinese state actor known as APT 41 has siphoned off an estimated trillions of dollars in intellectual property from about 30 multinational companies across the pharmaceutical, energy and manufacturing industries. CBS News reports this in 2022. That included sensitive data from companies in North America, Europe and Asia.
Margaret Brennan,
and Nicole Sganga contributed to this report.
