The White House struggles to contain massive Chinese telco hacks

The White House struggles to contain massive Chinese telco hacks


President Joe Biden and his White House team are all hands on deck to thwart a massive Chinese hack of several U.S. telecommunications providers — but Beijing is still in a position to spy on huge swathes of Americans, a top U.S. cyber official told reporters Wednesday.

The president has been briefed “several times” about the hack, and a special White House response group is meeting to discuss it on a near daily basis, Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technology, said in a call on Wednesday.

The White House is also working in close cooperation with at least eight U.S. telecommunications providers that have been breached by the China-backed hacking group known as Salt Typhoon, Neuberger said — the first official confirmation of the number of affected providers in the U.S. In addition, the White House has activated a new cyber defense task force between the NSA, Pentagon, and Cybersecurity and Infrastructure Security Agency to address the breach.

Still, none of the U.S. telecommunications providers have managed to oust the Chinese hackers from their networks, Neuberger warned, which means that a large number of Americans remain vulnerable to Chinese eavesdropping.

“There is a risk of ongoing compromises to communications,” Neuberger said Wednesday. “The Chinese access was broad in terms of potential access to communications of everyday Americans.”

Salt Typhoon has already used its foothold inside the backbone of several telecommunications companies to sweep up unclassified communications from the phones of senior U.S. government officials, and access metadata from American phone subscribers writ large, Neuberger added, confirming earlier reports.

Salt Typhoon’s surveillance targets included President-elect Donald Trump and Vice President-elect JD Vance, POLITICO has reported. POLITICO was also the first to report that Salt Typhoon accessed the cellular records of huge swathes of Americans, putting them at risk of Chinese surveillance, too.

Neuberger’s comments were the latest sign that the Salt Typhoon hacks have rattled the uppermost reaches of the D.C. national security establishment. They are also one of the most candid government statements to date about the stunning hacks, which the government only acknowledged in October.

On Tuesday, senior FBI and CISA officials said they first detected the intrusions in the spring, though federal agencies did not begin cooperating on their investigations until later. In November, federal investigators issued a short statement confirming that the Chinese had stolen cellular records, intercepted call and text data from select individuals and copied sensitive wiretap data from the affected companies.

The government’s ongoing struggle to understand the full scope of the Chinese hacking effort appears to be a major reason the government has been so tight-lipped, however.

Neuberger emphasized in the call Wednesday that the victims are all private companies, and said the hack has not just affected the U.S. but “dozens of countries” around the world, complicating response efforts.

Telecoms companies, equipment makers, and cybersecurity firms need to work together because “they may see parts of the Chinese campaign in different countries and networks around the world,” she said.

While she did not name any of those countries, the only publicly known victims of the hack thus far are headquartered in the U.S. They include AT&T, Verizon, T-Mobile and Lumen. Overall, as many as 80 providers were impacted in some form, POLITICO has reported.

Neuberger said the State Department has distributed recent guidance on how to mitigate the hacks to every embassy and consulate around the world, and that the NSA, Pentagon and CISA task force — known as the Enduring Security Framework — is working closely with the telecommunications sector to mitigate the damage.

Still, Neuberger argued that the only way to prevent the Chinese from breaching telecommunications companies again was by imposing new security mandates — an approach the Biden administration has taken to protect critical infrastructure in other sectors.

“Commonly accepted cybersecurity practices would have made it far harder to execute and easier to recover from,” she said.



Source link

Prince Avatar

Leave a Reply

Your email address will not be published. Required fields are marked *

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

By signing up, you agree to the our terms and our Privacy Policy agreement.