The Salt Typhoon Hack

Bola Ogbara

The hackers of Salt Typhoon have carried out the "worst telecom hack in our nation’s history", infiltrating major U.S. telecom firms and exposing metadata and unencrypted messages of notable figures.

On December 4, 2024, U.S. security officials revealed that hackers successfully compromised the infrastructure of at least eight U.S. telecommunications firms, including AT&T, Verizon and T-Mobile. The hack, carried out by a Chinese state-sponsored hacking group known in the U.S. as “Salt Typhoon”, is especially alarming because of the campaign's massive impact: besides the telecommunications companies, the cellular metadata of “a large number of Americans” was also exposed.

In a news call with NBC, an unnamed senior FBI official shared that the metadata, which included call records detailing who called and when, was not the most invasive part of the incident. Specific targets, including Donald Trump and JD Vance, among other congressional employees and security officials, had their unencrypted text messages stolen. The cybercriminals were even able to listen in on live phone calls. With access to the previously mentioned telecommunication firms, it is entirely possible they could have seen classified material covered by the Communications Assistance for Law Enforcement Act (CALEA). The intrusion also reaches beyond the U.S.: Anne Neuberger, the deputy national security adviser for cyber and emerging technology, said that the campaign “affected dozens of countries around the world”.

For those who have been following China’s cyber espionage efforts, the name Salt Typhoon may sound familiar. Earlier this year, the FBI and DOJ disrupted the Volt Typhoon cyber group, which infected hundreds of U.S.-based small office/home office routers with botnet malware. Flax Typhoon similarly infected routers, in addition to cameras, storage devices, and video recorders. Both ‘typhoons’ were remarkable because of the scope and type of affected devices: Volt Typhoon reached hundreds of American routers, and Flax Typhoon reached over 260,000 devices, all in the private sector. In these respects, Salt Typhoon is not unlike other cybergroups. Still, the breadth of this attack on the U.S. has branded them as the authors of the “worst telecom hack in our nation’s history - by far”, according to one U.S. Senator.

Jeff Greene, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), spoke about what the recovery process would look like. Because of the sheer size of the attack, Greene said it was “impossible for us to predict when we’ll have full eviction” of the material. Neuberger also said they “do not believe any have fully removed the Chinese actors from these networks”; in other words, the intrusion is currently ongoing.

Fortunately, at least one agency is working to make sure this situation does not happen again. Jessica Rosenworcel, Chairwoman of the FCC, proposed draft regulations on December 5, 2024, requiring telecommunications companies to upgrade their cybersecurity or pay fines. In a statement, Rosenworcel defended the draft: “While the Commission’s counterparts in the intelligence community are determining the scope and impact of the Salt Typhoon attack, we need to put in place a modern framework to help companies secure their networks and better prevent and respond to cyberattacks in the future.” The regulations echo the ‘Secure by Design’ initiative championed by CISA officials like Director Jen Easterly, placing more responsibility for using cybersecurity best practices on companies. If the proposal is adopted, it would take effect immediately.

In the meantime, there are still steps that regular Americans can take to protect themselves from Salt Typhoon and other groups targeting the telecommunications industry. U.S. officials are recommending that people use encrypted messaging apps. Greene called encryption “your friend…Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible.” The FBI official offered more advice on selecting a means of communication, suggesting a cellphone “that automatically receives timely operating system updates,” has “responsibly managed encryption” and is “phishing resistant”. Hopefully, these tips will guarantee some privacy for Americans in the case of another attack.