US Accuses China of Vast Cyber-Espionage Against Telecoms

(Bloomberg) -- Chinese state-sponsored hackers perpetrated a “broad and significant cyber-espionage campaign” in which they breached multiple telecommunications companies, US officials said in a statement on Wednesday, confirming additional details about cyberattacks with major national security implications.

Most Read from Bloomberg

The hackers infiltrated the networks of multiple telecommunications companies to steal customer call records and compromise the communications belonging to a “limited number” of people in government and politics, officials said. In addition, the attackers copied certain information that was subject to US law enforcement requests pursuant to court orders, the officials said.

“We expect our understanding of these compromises to grow as the investigation continues,” according to the officials. The statement didn’t identify the affected telecommunications companies.

The FBI and the US Cybersecurity and Infrastructure Security Agency are providing technical assistance on the matter and working with potential victims, according to the US.

Chinese Foreign Ministry spokesman Lin Jian said Thursday that his nation had “no interest in interfering in other countries’ internal affairs through cyberspace.”

“We also oppose spreading China-related disinformation due to political agenda,” he added at a regular press briefing in Beijing.

AT&T Inc. and Verizon Communications Inc. are among those breached, and the hackers potentially accessed systems the federal government uses for court-authorized network wiretapping requests, the Wall Street Journal reported in early October. US intelligence officials think the Chinese hacking group that Microsoft Corp. dubbed Salt Typhoon may have been inside US telecommunications companies for months and found a route into an access point for legally authorized wiretapping, according to a person familiar with their views.

Through those intrusions, the hackers are believed to have targeted the phones of former President Donald Trump, running mate JD Vance and Trump family members, as well as members of Vice President Kamala Harris’ campaign staff and others, the New York Times has reported.

A person familiar with the matter said US investigators are still grappling with the attacks and don’t yet have the full picture. It’s going to take time to determine how many people were targeted, the person said, and to be confident that the US has uncovered all the relevant angles.

Those efforts are still in the investigation phase and building out the picture continues, the person said.

US authorities have notified dozens of organizations, including telecommunications companies, that they were targeted in the Salt Typhoon hacks, according to another person familiar with the matter.

Alongside large telecommunications companies, smaller regional internet service providers have also been breached, said a third person familiar with the matter.

It is possible that Salt Typhoon is getting audio through the wiretap system by choosing what numbers to surveil through that system, bypassing safeguards, that person added.

Last week, Congressional staffers received classified briefings from US intelligence agencies on the Salt Typhoon breach, according to an aide familiar with the matter. The briefings were previously reported by CyberScoop.

“This is as concerning to me as anything I’ve seen since coming here,” Senator Ron Wyden, Democrat of Oregon, said.

A State Department official said they’ve know of the Salt Typhoon attacks for weeks, adding they were informed through the interagency process.

The concerning element is that the hacks are occurring on US soil and in a place where US officials thought that they had secured telecommunications against adversaries, according to the US official, adding the hacks look to to be scary because it is such a broad attack that could influence so many different sectors.

--With assistance from Lucille Liu and Philip Glamann.

(Updates with response from China’s Foreign Ministry.)

Most Read from Bloomberg Businessweek

©2024 Bloomberg L.P.