Chinese Hackers Used Broad Telco Access To Geolocate Millions Of Americans And Record Phone Calls


Chinese hackers that gained access to U.S. telecommunications networks in a sweeping cybersecurity breach were able to use their positioning to geolocate millions of individuals and record phone calls at will, deputy national security adviser for cyber and emerging technology Anne Neuberger told reporters on Friday.

A Chinese hacking group dubbed Salt Typhoon infiltrated U.S. telecommunication providers and used their covert access to steal a trove of Americans’ cell phone records and listen in on the conversations of senior U.S. political figures. POLITICO previously reported that President-elect Donald Trump, Vice President-elect JD Vance and senior Biden administration officials were among the known victims of the hacking campaign.

Investigators say they first detected Salt Typhoon's activities earlier this year. The FBI announced the U.S. was investigating the hacking campaign in October, after The Wall Street Journal first reported on the breaches a month prior.

In her remarks, Neuberger confirmed that nine telecommunications providers were impacted by the breaches, adding one more firm to the eight she acknowledged earlier this month. She noted that guidance was given to key U.S. telecommunications firms early on — a “hunting guide” and a “hardening guide” — that detailed Chinese hacking methods and allowed companies to “look for those techniques in their networks and call for help if they discover it.” This led to the determination that a ninth telco provider had been impacted by the same Salt Typhoon breach, alongside Lumen Technologies, AT&T, Verizon and T-Mobile.

It’s unclear if the Chinese hackers have been fully evicted from all of the U.S. telecommunications networks. Earlier this month, Neuberger said that none of the providers have managed to oust the Chinese hackers from their networks, an assertion that T-Mobile and Lumen have refuted.

Neuberger explained that once Chinese hackers infiltrated telecommunication networks, they essentially had “broad and full access” to American data, which allowed them to “geolocate millions of individuals” and “record phone calls at will.”

It’s unclear how many Americans were impacted by the breach at large, though Neuberger said a large number of individuals were geolocated in the Washington, D.C., area. “We believe it was the goal of identifying who those phones belong to and if they were government targets of interest for follow-on espionage and intelligence collection of communications, of texts and phone calls on those particular phones.” She added that “probably less than 100” individuals were targeted for collection of their phone calls and texts.

It’s also difficult to adequately track the widespread impact of the incident, Neuberger said, because Chinese hackers are “very careful about their techniques,” and some details of the scope and scale of the campaign may never come to light. She said officials are focusing their efforts on holding China accountable and working with telecommunications companies to refine the “hardening guidance” and make it more difficult for cybercriminals to engage in large-scale hacking campaigns in the future.

“The first step is creating a defensible infrastructure. We wouldn't leave our homes, our offices unlocked, and yet our critical infrastructure, the private companies owning and operating our critical infrastructure, often do not have the basic cybersecurity practices in place that would make our infrastructure riskier, costlier and harder for countries and criminals to attack,” Neuberger said.

To that end, Neuberger called on the Federal Communications Commission to formalize the new security requirements it proposed for phone carriers earlier this month, and argued that voluntary cybersecurity practices are inadequate to protect against Chinese, Russian and Iranian hacking of U.S. critical infrastructure.

“We need to see … all the FCC commissioners vote to implement the required minimum cybersecurity practices across telecoms. Because once those are in place, once companies are taking those steps to make the networks defensible, we would feel more confident to say that the Chinese actors have been evicted and can continue to not be able to come in,” Neuberger said.

Separately, the Cybersecurity and Infrastructure Security Agency, alongside the National Security Agency, has set up a working group of experts across the public and private sectors to deal with threats to U.S. national security and critical infrastructure.

Neuberger added that the Department of Health and Human Services would soon be publishing a proposed new rule to add enhanced security requirements to the Health Insurance Portability and Accountability Act of 1996, or HIPAA, which is a federal law that protects the privacy and security of electronically protected health information.

“In this job, one of the most concerning and really troubling things we deal with is hacking of hospitals, hacking of health care data,” Neuberger said. “This is the first update to this 20-year rule in over a decade, and it will require entities who maintain healthcare data to do things like encrypt that data so if attacked, it cannot be leaked on the web and endanger individuals, and monitor their networks, do compliance checks of their networks to see that they meet those cybersecurity rules.”

John Sakellariadis contributed reporting.

