close
close

Association-anemone

Bite-sized brilliance in every update

DHS Cyber ​​Review Panel to Investigate Chinese U.S. Telecom Attack as Net of Victims Widens
asane

DHS Cyber ​​Review Panel to Investigate Chinese U.S. Telecom Attack as Net of Victims Widens

The Department of Homeland Security said Sunday that a key cybersecurity review group will investigate a Chinese infiltration of U.S. telecommunications networks and related wiretapping infrastructure, marking a major escalation in an ongoing federal probe into breaches that compromised both government officials and presidential campaign staff. .

The Cybersecurity Review Board — backed by the Biden administration in 2022 to look into the root causes of major cybersecurity events — “will initiate a review of this incident at the appropriate time,” a DHS spokesman said in an email. – email. The Wall Street Journal first reported the panel’s decision.

It is unclear when the probe will begin, but it would likely be months before the public findings from the review are made public. China’s state-backed hacking collective, called Salt Typhoon, broke into the networks of AT&T, Verizon, Lumen and 10 others and may have been inside systems that facilitate court-authorized wiretapping requests for months, according to data. rEPORTS which first appeared last month.

The network of affected people has expanded since US investigators began looking into the incident just weeks ago. Hackers have tried to access phone communications of presidential campaign officials, including former President Donald Trump and fellow candidate Sen. JD Vance, R-Ohio, the New York Times reported Friday.

The hackers also amassed audio communications from US political figures, including a Trump campaign adviser, the Washington Post. reported Sunday. Salt Typhoon also had access to victims’ unencrypted messages, the report added, citing people familiar with the matter. At least one US official has been notified that hackers accessed his personal phone.

The targeting was bipartisan in nature. Senate Majority Leader Chuck Schumer’s staff and Vice President Kamala Harris’ campaign staff were also hit.

“Agencies across the U.S. government are working together to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyber defenses in the commercial communications sector,” the FBI and the Cybersecurity and Infrastructure Security Agency said Friday.

The entries into wiretapping request systems could have compromised some of the most sensitive national security data on US surveillance targets and have raised questions about the security architecture of backdoor installations enabled by a 30-year-old surveillance law whose oversight rests largely with the private sector and third-party compliance providers.

“If you want to know what diplomats are thinking, it’s in their email, it’s in their texts. And that’s the kind of thing I think people have always targeted,” said Kevin Mandia, who founded the eponymous threat intelligence firm Mandiant. Nextgov/FCW at the beginning of this month.

It remains uncertain whether other surveillance systems, such as those governed by the Foreign Intelligence Surveillance Act, were penetrated in the hacks. Data from these networks could provide Beijing with information about US foreign intelligence objectives.

The spying operation probably started months ago. In early September, DHS Undersecretary for Policy Rob Silvers said the Cybersecurity Review Board would announce an investigation “coming soon,” but gave no further details.

The CSRB’s review had long been expected to focus on last summer’s CrowdStrike-enabled IT outages or the 2020 SolarWinds Orion hack, the latter of which prompted the board’s establishment. In April, the CSRB wrote a critical report about Microsoft’s security posture, which allowed a separate group of Chinese hackers to access the email inboxes of top US officials last summer.

The telecommunications spying marks China as now the second major foreign adversary to explicitly compromise the data and communications of entities in the 2024 presidential campaign, after Iranian state-affiliated hackers last summer seized Trump campaign documents and they sent to the press with the hope that these” would be published online. The individuals behind those hacks were CHARGED by the Justice Department last month.

The infiltrations are “very troubling,” former NSA director Gen. Paul Nakasone said in an interview. “The scope and scale of the alleged occurrence in American telecommunications companies — that’s a different game,” he said. “I think the next question now is, well, what do we do about it?”