President Joe Biden and his White House team are all hands on deck to thwart a massive Chinese hack of several U.S. telecommunications providers — but Beijing is still in a position to spy on large swaths of Americans, a U.S. cyber official said Wednesday to reporters.
The president has been briefed on the hack “several times,” and a special White House response group meets almost daily to discuss the hack, said Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, in a Wednesday call.
The White House is also working closely with at least eight US telecommunications providers hacked by the Chinese-backed hacking group Salt Typhoon, Neuberger said – the first official confirmation of the number of affected providers in the US. the White House has activated a new cyber defense task force between the NSA, the Pentagon and the Cybersecurity and Infrastructure Security Agency to address the breach.
Yet none of the U.S. telecommunications providers have been able to drive Chinese hackers out of their networks, Neuberger warned, meaning a large number of Americans remain vulnerable to Chinese eavesdropping.
“There is a risk of continued compromises in communications,” Neuberger said Wednesday. “Chinese access was broad in terms of potential access to communications from ordinary Americans.”
Salt Typhoon has already used its position at the backbone of several telecommunications companies to capture unclassified communications from the phones of senior U.S. government officials and to access metadata of U.S. telephone subscribers in large print, Neuberger added, adding to previous reports confirmed.
Salt Typhoon’s surveillance targets included President-elect Donald Trump and Vice President-elect JD Vance, POLITICO reports. POLITICO was also the first to report that Salt Typhoon had accessed the mobile data of large swaths of Americans, putting them too at risk of Chinese surveillance.
Neuberger’s comments were the latest sign that the Salt Typhoon hacks have roiled the upper echelons of D.C.’s national security establishment. It is also one of the most candid government statements yet about the stunning hacks, which the government only acknowledged in October.
On Tuesday, senior FBI and CISA officials said they first discovered the intrusions in the spring, though federal agencies only began cooperating in their investigations later. In November, federal investigators released a brief statement confirming that the Chinese had stolen mobile data, intercepted calling and texting data of selected individuals, and copied sensitive wiretap data from the affected companies.
However, the administration’s ongoing struggle to understand the full scope of China’s hacking efforts appears to be a major reason why the administration has been so silent.
Neuberger emphasized in Wednesday’s call that the victims are all private companies, and said the hack has affected not just the U.S. but “dozens of countries” around the world, complicating response efforts.
Telecom companies, equipment manufacturers and cybersecurity firms need to work together because “they can see parts of the Chinese campaign in different countries and networks around the world,” she said.
Although she did not name any of these countries, the only publicly known victims of the hack so far are headquartered in the US. Among them are AT&T, Verizon, T-Mobile and Lumen. In total, as many as 80 providers have been affected in some way, POLITICO reports.
Neuberger said the State Department has distributed recent guidance on how to counter the hacks to all embassies and consulates around the world, and that the NSA, Pentagon and CISA task force – known as the Enduring Security Framework – works closely with the telecommunications sector to limit the damage.
Still, Neuberger argued that the only way to prevent the Chinese from breaching telecommunications companies again was to impose new security mandates — an approach the Biden administration has taken to protect critical infrastructure in other sectors.
“Widely accepted cybersecurity practices would have made it much harder to implement and easier to recover from,” she said.
