Telecom Providers Assure Network Security After Chinese Salt Typhoon Breach

December 29, 2024 TruthUSA

AT&T and Verizon have acknowledged that a small group of high-profile clients was targeted by Chinese hackers.

According to the telecommunications companies, a hacking group supported by China, known as Salt Typhoon, targeted AT&T and Verizon, but their systems are now secure.

In contrast, Lumen Technologies, which is the parent company of CenturyLink, stated on Sunday that it had found no signs of Chinese cyber activity in its network.

This comes after the White House announced on Friday that it had identified a ninth U.S. telecom network that was breached as part of a vast espionage effort that started in 2022, and that they are still assessing the extent of the infiltration.

Officials did not provide a complete list of the compromised networks. Earlier this month, the FBI indicated that malware from Salt Typhoon and two additional Beijing-supported hacking groups, referred to by Microsoft as Flax Typhoon and Volt Typhoon, remain embedded in certain U.S. systems.

In a statement to The Epoch Times, Verizon confirmed it had informed “a small number of high-profile clients in government and politics” about the breach.

The company added that it has contained the threat and that “an independent and highly regarded cybersecurity firm” has validated this containment.

“As soon as we became aware of this incident, Verizon took multiple proactive measures to safeguard its customers and network, including collaborating with federal law enforcement, national security organizations, industry partners, and private cybersecurity firms,” stated Vandana Venkatesh, Verizon’s Chief Legal Officer.

“We have not observed any activity from threat actors within Verizon’s network for a considerable time, and after significant efforts to address this incident, we can confirm that Verizon has contained the activities related to this specific case.”

On Saturday, an AT&T representative told Reuters that the company has seen “no activity from nation-state actors in our networks at this moment.”

According to the spokesperson, “Our current investigation indicates that the People’s Republic of China targeted a limited number of individuals for foreign intelligence purposes.”

Although only a few instances of compromised information were found, AT&T is actively monitoring and addressing its networks to safeguard customer data and is collaborating with authorities to evaluate and respond to the threat, the spokesperson added.

A representative from Lumen Technologies informed The Epoch Times that there is no evidence of Chinese involvement in its network.

“An independent forensic firm has verified that Salt Typhoon is no longer present in our network. Furthermore, our federal associates have not provided any information suggesting otherwise. To date, there is no evidence that customer data was accessed on our network,” the spokesperson declared.

In the meantime, T-Mobile’s Chief Security Officer, Jeff Simon, noted in a blog published on Friday that the company halted attempts to breach its systems “in the last few weeks,” although it could not definitively identify the attackers.

Government officials have previously stated that Salt Typhoon has been targeting a limited group of high-profile officials and politicians over an extended period. However, Simon remarked that this has “not been the case at T-Mobile.”

Chinese officials have characterized these allegations as disinformation and asserted that Beijing “strongly opposes and combats cyber attacks and cyber theft in all forms.”

The FBI and the Cybersecurity & Infrastructure Security Agency (CISA) confirmed in October that they were investigating cyber threats associated with the Chinese government following reports about Salt Typhoon’s activities.

In November, the FBI and CISA issued a joint statement, indicating that Chinese hackers had targeted the commercial telecommunications infrastructure in a comprehensive and significant cyber espionage operation, stealing customer call record data, compromising the private communications of government officials and politicians, and duplicating information that was subject to U.S. law enforcement requests pursuant to court orders.

Anne Neuberger, deputy national security adviser for cyber and emerging technologies, told reporters on December 7 that the hackers had obtained a significant amount of Americans’ metadata while focusing on several “very senior political individuals.”

On Friday, Neuberger mentioned that it is believed the hackers geolocated numerous individuals in the Washington DC and Virginia areas, targeting “likely less than 100 individuals overall.”

Earlier this month, CISA issued guidance for “highly targeted” senior government officials and politicians, recommending they “use only end-to-end encrypted communications” and implement additional strategies to mitigate risks posed by Chinese hackers.

This report includes contributions from Reuters.

Source link