The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory to telecommunications companies on Tuesday, calling for enhanced network security measures following the discovery of an extensive Chinese hacking operation dubbed "Salt Typhoon."
The campaign, which gave Chinese officials access to private communications of U.S. citizens, prompted a joint warning from intelligence agencies across multiple nations, including New Zealand, Australia, and Canada.
The hackers successfully infiltrated telecom networks to collect metadata about calls and text messages, including dates, times, and recipient information from numerous customers. In some cases, they managed to obtain actual audio recordings of calls and message content from a smaller group of targets, many of whom work in government or political roles.
The FBI has reached out to individuals whose communications were directly compromised. However, the total scope of the breach remains unknown, with investigators still uncertain about whether hackers maintain access to these networks.
Of particular concern is the targeting of information related to U.S. law enforcement investigations and court orders, suggesting possible attempts to access Foreign Intelligence Surveillance Act (FISA) programs. Officials believe the hackers' objectives extended beyond specific surveillance programs, aiming instead for broad access to Americans' communications.
The advisory includes technical recommendations for telecom providers, emphasizing encryption, centralized systems, and continuous monitoring to prevent future intrusions. CISA's Executive Assistant Director for Cybersecurity, Jeff Greene, acknowledged that while these measures could help disrupt the current operation, persistent threats remain likely.
This incident follows other recent Chinese cyber campaigns, including a massive botnet operation involving 200,000 infected devices and attempts to target phones belonging to political figures, including former President Donald Trump and Vice President Kamala Harris.
Chinese officials have denied involvement in these cyber operations, with embassy spokesperson Liu Pengyu dismissing the allegations as "disinformation" and calling for the U.S. to cease its own cyber activities against other nations.