Chinese state-sponsored hackers reportedly breached US internet service providers, including AT&T, Verizon, and Lumen Technology, to potentially steal sensitive US government data.
According to The Wall Street Journal, the incident might be a “catastrophic security breach” because the Chinese hackers, dubbed Salt Typhoon, may have accessed network infrastructure that ISPs use to answer court-authorized wiretapping requests. The access also may have persisted for months.
As a result, the Chinese hackers could have been spying on the US surveillance network to intercept internet-based communications. In addition, Salt Typhoon reportedly had access to certain portions of generic internet traffic, giving them a way to spy on users.
AT&T, Verizon, and Lumen haven’t commented on the alleged breach. But NSA Director General Timothy Haugh told journalists over the weekend that the incident is currently under investigation. “I think it’s premature for us to talk about this specific case. We’re really at an initial stage,” he said.
The Best Amazon Prime Day Deals Right Now
*Deals are selected by our commerce team
Security researchers, including Lumen’s own Black Lotus Labs, have discovered growing evidence of Chinese hackers infiltrating ISPs. In one case, Chinese attackers exploited a previously unknown vulnerability in networking software to install malware capable of harvesting passwords. In another incident, they infiltrated the ISPs to help them spread malware to unsuspecting users.
Recommended by Our Editors
Telecommunications firms usually have a legal obligation to report when a data breach occurs. But The Wall Street Journal notes that federal authorities can grant them an exemption if the breach pertains to national security.
In the meantime, the incident is causing some privacy researchers to call out the US government for maintaining a confidential “backdoor” to enable internet-based wiretapping. “Case in point: there’s no way to build a backdoor that only the ‘good guys’ can use,” tweeted Meredith Whittaker, president of the encrypted chat app Signal.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
About Michael Kan
Senior Reporter
