In response to persistent Chinese state-sponsored hacking of major US telecommunications networks, government security officials are advising Americans to adopt encrypted messaging services for their communications.
The Chinese hacking group known as Salt Typhoon has reportedly infiltrated networks of leading telecom providers including Verizon, AT&T, and others since early October 2023. The breach potentially exposed systems used for court-authorized surveillance of communications networks.
"It would be impossible for us to predict a time frame on when we'll have full eviction," stated CISA Executive Assistant Director for Cybersecurity Jeff Greene, highlighting the extensive nature of the intrusion. "We're still determining the full scope of penetration."
Greene strongly recommended encryption as a protective measure: "Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary intercepts the data, encryption makes it impossible to access."
According to FBI sources, the hackers gained access to sensitive metadata revealing phone call patterns, live communications of specific targets, and information from telecommunications companies' court-ordered surveillance systems.
While T-Mobile reports its network remained secure, the company disconnected from an affected provider as a precautionary measure. Lumen (formerly CenturyLink) stated no evidence exists of compromised customer data on their network.
The incident has sparked renewed debate about encryption backdoors. Security experts, including cryptographer Bruce Schneier, point out that such access mechanisms can become targets for malicious actors, as demonstrated by this breach of wiretapping systems.
In response to the ongoing threat, US agencies including CISA, NSA, and FBI have released security upgrade guidelines for telecommunications providers while investigations continue into the extent of the network compromise.
The FBI additionally recommends using phones with regular security updates and implementing phishing-resistant multifactor authentication for various online accounts to enhance personal security.