The surveillance system under attack is used for domestic wiretaps in criminal and national security investigations. Federal law requires telecommunications and broadband companies to allow the feds to intercept communications if ordered to do so by a legitimate court order. The attack was discovered over the last few weeks and is being investigated by the U.S. government and private security firms.
The report says that the attackers were able to collect internet traffic from internet service providers in the U.S. that serve companies both large and small, and millions of Americans. Some of the hackers also targeted a small number of foreign internet service providers. The U.S. government feels that the attacks are “historically significant and worrisome,” according to a person who is knowledgeable about the attack.
“It will take time to unravel how bad this is, but in the meantime it’s the most significant in a long string of wake-up calls that show how the PRC (People’s Republic of China) has stepped up their cyber game. If companies and governments weren’t taking this seriously before, they absolutely need to now.” - Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency, vice president at SentinelOne
Attempts by China to infiltrate U.S. infrastructure such as airports, power stations, and water treatment plants could be part of a plan by China to launch cyberattacks against the U.S. The cyberattack on AT&T, Lumen, and Verizon gives U.S. investigators another piece of the puzzle to work through. Investigators are also concerned that the Chinese attackers might have been able to access Cisco’s routers that direct most of the traffic on the internet. A Cisco spokesman says that the company is looking into the matter.
Microsoft is also looking into the Salt Typhoon attack to try to discover whether any sensitive information was accessed by the Chinese attackers. Back in August, Microsoft wrote a research note that said Salt Typhoon, based out of China, has been active since 2020 and focuses on espionage and data theft while capturing network traffic.
That these attacks are real and worrisome was confirmed last month by U.S. officials, who said that they took down a network consisting of over 200,000 routers, cameras, and other consumer-oriented devices that were used by a Chinese hacking group in an attempt to break into U.S. networks.