A massive cyberattack on US telecommunications companies like AT&T and Verizon, attributed to China, has prompted officials to urge Americans to adopt encrypted messaging apps to secure their communications. Last month, T-Mobile was under attack in Chinese cyber espionage.
Pay attention to the apps you are using so you can save yourself from a potential hack or breach.
Major Intrusion Targets US Telecom Giants
According to NBC News, the recent cyberattack, which Microsoft has termed Salt Typhoon, is one of the most significant intelligence breaches in US history.
Although the attack is still ongoing, officials from the FBI and Cybersecurity and Infrastructure Security Agency (CISA) confirmed that it targeted leading telecom companies like AT&T, Verizon, and Lumen Technologies.
The hackers gained access to sensitive information from these companies, including phone metadata, live calls, and law enforcement systems used for surveillance.
Read Also: New Breed of Scambaiting AI Systems Now Used by Telecoms to Safeguard Customers From Fraud
Chinese Espionage: A Longstanding Cyber Threat
As reported, the cyberespionage campaign is attributed to the Chinese government, which targeted the country's American politics and government for intelligence gathering.
The breach occurred prior to the 2024 election; however, officials highlighted that the attack was not related to interfering with election results but rather a form of traditional espionage.
What Kind of Information Was Stolen?
The breach exposed several forms of sensitive information:
- Call Logs and Metadata: The hackers mostly concentrated on metadata, which comprised of phone numbers called and the time of calls. It also emphasized this in the Washington D.C. regions.
- Live Telephone Calls: While some of the targets' live voice conversations were intercepted, one cannot be too sure how many such individuals are targeted.
- Law Enforcement Systems: The attackers accessed systems utilized by the different law enforcement agencies to monitor communications, including court orders and intelligence information.
Using Encrypted Messaging Apps Could Help Users Protect Themselves
As a reaction to the hack, officials are urging Americans to use encrypted messaging apps like Signal, WhatsApp, and iMessage for personal communications. These applications encrypt communications in a way that protects messages and calls from unauthorized access by hackers or intelligence agencies.
"We cannot say with certainty that the adversary has been evicted," Greene said. "We're on top of tracking them down ... but we cannot with confidence say that we know everything, nor would our partners, senior FBI official Jeff Greene told Politico.
Whereas encryption has been a hot topic for privacy advocates and law enforcement over the years, it is clear that it was never needed more.
The FBI has always resisted full encryption, which blocks access even with a warrant, but such an incident reveals the need for encryption when highly personal information needs to be ensured.
Role of CALEA Systems in Telecom Security
The other concern brought up by the breach is that the systems employed by the telecom firms, especially those under CALEA, are vulnerable.
CALEA systems permit law enforcement and intelligence agencies to monitor communications on the orders of courts. The point raised is that dependence on CALEA systems, which sometimes do not fully encrypt messages, makes them vulnerable to cyber attacks by foreign adversaries like China.
This reliance on insecure systems was criticized by privacy proponent Senator Ron Wyden, who, in response, told the nation that breaches expose sensitive communications to hackers.
The Aftermath of the Salt Typhoon Operation
The attack has caused much damage, but it points out the increasing risks of cyber espionage, especially from state-sponsored groups.
Although the breach has not yet been fully remediated, it suggests that everyone should not lower their guard down. After all, apps with end-to-end encryption can improve your safety when dealing online.
