The U.S. government has confirmed that hackers with ties to China have infiltrated multiple U.S. telecommunications service providers and gained access to wiretapping systems used by law enforcement to monitor American citizens.
In a joint statement released on Monday, CISA and the FBI said they had uncovered an “extensive and significant” cyber espionage operation in which China-linked actors compromised the networks of “multiple telecommunications companies” in the United States. did.
CISA and the FBI have not named the compromised organizations, but the Wall Street Journal reports that telecommunications providers whose networks were compromised include AT&T, Lumen (formerly CenturyLink), and Verizon.
The WSJ reports that the Chinese hackers gained access to networks “for months or more” and collected “Internet traffic from Internet service providers serving large and small businesses and millions of Americans.” He was able to do so.
The US government agency confirmed on Monday that the breach allowed for the “theft of customer call log data” and the “compromise of private communications of a limited number of individuals.”
Authorities did not name the targeted individuals, but said they were “primarily involved in government or political activities.” Last month, reports said hackers with ties to China were targeting the cellphones of then-presidential candidate Donald Trump and his running mate, Sen. J.D. Vance.
China's hacking efforts also enabled China-linked hackers known as “Salt Typhoons” to copy “certain information that was the subject of a court-ordered U.S. law enforcement request,” according to the statement. It is said that it became.
The FBI and CISA have previously said they are investigating breaches by a Chinese-backed hacker group within multiple telecommunications providers, but they are unsure whether the data was stolen or used by the hackers to satisfy legal wiretapping requests. He did not say whether he accessed the system.
“The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) continue to provide technical assistance, quickly share information to assist other potential victims, and support cyber security across the commercial communications sector. We are working to strengthen our defenses,” the agencies said. . “We encourage organizations that believe they may be a victim to contact their local FBI field office or CISA.”