Federal Agency Calls on Senior US Officials to Urgently Transition to Encrypted Messaging Apps
The advisory was released following cyberattacks on U.S. telecommunications systems by hackers linked to the Chinese Communist Party.
A federal agency issued a critical alert on Wednesday to high-ranking government officials and lawmakers, urging them to cease the use of standard phone calls and text messages. This comes in light of significant cybersecurity breaches by Chinese hackers targeting major U.S. telecommunications firms.
“Utilize only end-to-end encrypted communication,” the guidance stated, noting that these “highly targeted individuals” must “presume that all interactions between mobile devices—whether government or personal—and online services are vulnerable to interception or alteration.”
End-to-end encryption ensures that information is only readable by the sender and the intended recipient. Several messaging applications, including WhatsApp, Signal, iMessage, and BrightChat, provide this type of encryption.
In contrast, conventional phone calls and text messages lack end-to-end encryption, making them susceptible to monitoring by telecommunications providers, law enforcement, or potentially by hackers.
Related Stories
Previously, CISA has alerted that hackers affiliated with the Chinese regime, referred to as “Salt Typhoon,” have infiltrated U.S. telecommunications networks, potentially gaining access to sensitive personal data.
This warning was reinforced on Wednesday, with CISA’s executive assistant director for cybersecurity, Jeff Greene, informing the press that the government is still investigating the incident, and various affected agencies and individuals are currently responding at different levels. It remains unclear if Chinese hackers are still active within the systems of U.S. telecommunications companies.
Greene noted that Salt Typhoon’s breach is indicative of a broader trend of cyber operations from the Chinese regime aimed at critical infrastructure, referencing cyber activities linked to utilities and sensitive networks, collectively termed “Volt Typhoon.”
“This is an ongoing effort by the Chinese regime that necessitates our long-term preparation and defense,” he emphasized.
CISA’s additional recommendations include steering clear of text messages that utilize one-time passwords, which are frequently sent by U.S. banks for login verification, and encouraging the use of hardware keys to guard against phishing tactics that aim to steal passwords.
Earlier this month, Greene reiterated that Americans in general should consider encrypted messaging applications.
“Our advice, what we have communicated internally, remains consistent: Encryption is advantageous, whether for text messaging or encrypted voice communication. Even if adversaries manage to intercept data, encryption renders it unintelligible,” Greene explained to reporters.
Simultaneously, both Democratic and Republican senators have requested the Department of Defense (DOD) to probe into espionage efforts spearheaded by the Chinese targeting American telecom companies. Reports indicate that these cyber intrusions have compromised private communications of “a limited group of individuals” involved in politics.
The recent advisories mark a shift from earlier statements made by high-ranking federal officials. At a 2018 event, FBI Director Christopher Wray asserted that end-to-end encryption presents challenges for federal law enforcement, labeling it an “urgent public safety concern.”
Reuters contributed to this report.
