Cyberespionage: United States severely impacted by Chinese group Salt Typhoon
Articles by the same author:
1
2
3
4
On October 11, 2024, The Wall Street Journal reported a cyber-espionage campaign targeting the telecom networks of Verizon, AT&T, and Lumen Technologies, conducted by Salt Typhoon, a group affiliated with China. This new Advanced Persistent Threat (APT) actor allegedly gained access for months to highly sensitive systems of the three operators, which are linked to the U.S. government’s intelligence services.
Journalists detailed intrusions into devices that facilitate electronic communication collections and wiretapping authorized by the U.S. judiciary. The Chinese government may have accessed a wealth of critical information, including the names of Chinese targets being surveilled by Washington. Jamil Jaffer, a former national security official at the White House, called it a “first-order failure in counter-espionage.”
Specifically, Salt Typhoon is said to have exploited backdoors in the networks of the three operators that the U.S. government itself had installed. The CALEA (Communications Assistance for Law Enforcement Act) law allows the executive branch to require telecom operators to implement such devices. The government then uses these backdoors for surveillance and intelligence operations as part of judicial investigations.
This intrusion appears to vindicate critics of this law, who have long warned about the risks of malicious actors misusing these features. Leading this criticism, Senator Ron Wyden has called on Jessica Rosenworcel, Chairwoman of the FCC (the U.S. telecom regulator), and Merrick Garland, U.S. Attorney General, to “acknowledge the failure of their current approach to countering cyberattacks.”