The Chinese state-funded hacking group known as Salt Typhoon was able to attack U.S. telecom networks including Verizon and AT&T. T-Mobile engineers reportedly caught the group running commands on network devices and kicked them off its network before any damage was done. While U.S. officials recently said that the hackers remain inside U.S. telecom networks, both Verizon and AT&T said on Saturday that while their operations were hacked by Salt Typhoon, their networks are now clear.In a statement released yesterday, AT&T said that the hackers were attempting to gain information about foreign intelligence. Verizon added in a separate statement that the targets of these attacks were “a small number of high-profile customers in government and politics.” According to an earlier report, among the phones belonging to high-profile Americans that were targeted by this organized hacking group were the devices belonging to President-elect Donald Trump and Vice President-elect J.D. Vance.
“We have not detected threat actor activity in Verizon’s network for some time, and after considerable work addressing this incident, we can report that Verizon has contained the activities associated with this particular incident.”-Verizon
Back in October, The Wall Street Journal reported that telecom carriers such as AT&T and Verizon were victims of the Salt Typhoon group’s attacks and the hackers could have accessed the system used by the federal government for court-authorized network wiretapping. On Friday, the White House said that nine telecom companies were hacked by the Chinese state-funded hacking operation.
Officials didn’t reveal the names of the nine U.S. carriers that were attacked although, as previously noted, AT&T and Verizon did admit to belonging to that group. And T-Mobile said it booted the group off its networks before they got deep into its systems or were able to obtain information about T-Mobile’s customers.
Part of the information that the Salt Typhoon hackers were able to access from some of the carriers it infiltrated was metadata belonging to a large number of American users. This metadata contained parts of text messages, communication logs, and small parts of audio from voice calls. The Chinese government has denied being involved in the Salt Typhoon attacks.
“We detect no activity by nation-state actors in our networks at this time,” AT&T said. “Based on our current investigation of this attack, the People’s Republic of China targeted a small number of individuals of foreign intelligence interest. In the relatively few instances in which an individual’s information was impacted, we have complied with our notification obligations in cooperation with law enforcement.”-AT&T
The Biden administration recently held a closed door meeting with members of the industry to discuss how to handle the vulnerabilities that can be exploited by the hackers. Attending the meeting was John Stankey, CEO of AT&T. The U.S. government says it doesn’t know how many Americans were targeted in the attack and it is impossible to figure out when the Salt Typhoon attackers will be completely cleared from the U.S. telecom system. Having the networks belonging to AT&T, Verizon, and presumably T-Mobile all clear is a good start.
GIPHY App Key not set. Please check settings