Multiple intelligence agencies are recommending that telecommunication companies boost communications infrastructure security in the aftermath of a Chinese hacking campaign that targeted the sensitive sector.
“It also guides organizations to reduce existing vulnerabilities, improve secure configuration habits, and limit potential entry points,” CISA said.
CISA Executive Assistant Director for Cybersecurity Jeff Greene called the China-backed hackers a “serious threat” to America’s critical infrastructure, businesses, and government agencies. The recommendations are expected to help organizations identify and block compromises from cyber actors.
Attacks carried out by Salt Typhoon are believed to have affected major telecom networks including Verizon, CenturyLink, and AT&T.
The group also attacked companies and key political figures including 2024 presidential candidates Vice President Kamala Harris and then-former President Donald Trump, now the president-elect. Sen. JD Vance (R-Ohio), now the vice president-elect, had also revealed that his phone had been targeted by Chinese hackers.
Warner said that Salt Typhoon did not specifically target the U.S. elections.
“It has been, unfortunately, going on for some time,” he said. “I believe it begs the fact that we do not have any minimum cybersecurity within our telecom section.
“I think it will go down as maybe one of the most significant cyberattacks we’ve faced in our country.”
The Chinese Threat
Last month, national security adviser Jake Sullivan met with executives from the telecom sector to discuss ongoing threats posed by the Chinese Communist regime’s state-sponsored cyber activity.“The botnet devices were infected by People’s Republic of China (PRC) state-sponsored hackers working for Integrity Technology Group, a company based in Beijing, and known to the private sector as ‘Flax Typhoon,’” the DOJ said.
The botnet, controlled by Integrity, “was used to conduct malicious cyber activity disguised as routine internet traffic from the infected consumer devices,” it said.
Washington’s enforcement operation took control of hackers’ computer infrastructure and subsequently tackled the malware infecting the devices.
According to the FBI, Flax Typhoon has successfully attacked several companies, government agencies, media groups, and universities worldwide.
“The targeted hacking of hundreds of thousands of innocent victims in the United States and around the world shows the breadth and aggressiveness of PRC state-sponsored hackers,” U.S. Attorney for the Western District of Pennsylvania Eric G. Olshan said at the time.
U.S. officials had earlier revealed that China-backed threat groups have taken steps to disrupt server systems as well as water and energy controls.