US Telecoms Customer Data Stolen By Chinese Hackers 

Uploaded on 2024-12-05 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The US has been suffering a growing number of large-scale cyber attacks, apparently conducted by Chinese stare-sponsored hackers, with links to or directed by, China’s national intelligence agencies. Indeed, leaders of the top US telecommunications companies were recently called to the White House to discuss how to expel Chinese hackers from the nation’s communications networks.

Now, a large amount of  US telecoms companies' customer metadata has been stolen in the sweeping  espionage campaign carried out by a group being called Salt Typhoon. Although specific details are unavailable, according to reports, the hackers gained widespread access to US national telecommunications infrastructure, including several leading broadband providers. 

The US cyber defence agencies, CISA, the National Security Agency (NSA), and Federal Bureau of Investigation (FBI) have confirmed that Chinese  state-sponsored cyber actors have compromised the IT environments of multiple critical infrastructure organisations. This breach is not an isolated event but part of a broader strategy to disrupt and weaken America’s operational capabilities in the event of conflict. 

China’s cyber operations have grown into sophisticated campaigns targeting critical infrastructure.

It is thought that the hacking group known as Salt Typhoon, operating under Chinese direction, infiltrated US Internet providers and has been gaining access to systems essential to the US national security. "We believe a large number of Americans' metadata was taken," said an official, who spoke to reporters on condition of anonymity. "We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on." the official said.

Dozens of companies across the world had been hit by the hackers, including at least eight  US telecommunications and telecom infrastructure firms 

The official said the White House had made tackling the Salt Typhoon hackers a priority for the federal government and that outgoing President Joe Biden had been briefed several times on the intrusions. 

The current cyber-attacks are a important clarion call that network security must be both a forethought in network design and an ongoing regulatory responsibility for the agency entrusted with oversight of the nation’s networks.

CISA   |   Reuters   |   Oodaloop   |   NYTimes   |   Brookings Inst.   |   Industrial Cyber   |   Guardian   | 

Guardian   

Image: XstockImages

You Might Also Read:   

Chinese Hackers Target Japan & EU:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Microsoft Faces £1bn Lawsuit For Cloud Licencing Damages
Romanian Presidential Election Undermined By Russia »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LogRhythm

LogRhythm

LogRhythm's security platform unifies SIEM, log management, network and endpoint monitoring, user behaviour analytics, security automation and advanced security analytics.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

Uniken

Uniken

Uniken REL-ID is a safe, simple, and scalable security platform that tightly integrates your identity, authentication, and channel security.

Telspace Africa

Telspace Africa

Telspace Africa provide the highest level of IT security solutions including advisory, penetration testing, vulnerability assessments, red teaming, social engineering and training.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Bugraptors

Bugraptors

BugRaptors is a certified software testing company with extensive experience as a third-party testing vendor, effectively proven as a leader in software testing & QA Services.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

Octiga

Octiga

Octiga is an office 365 cloud security provider. It offers Office 365 monitoring, incident response and recovery tools.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

Goldilock

Goldilock

Goldilock is redefining how sensitive data, devices, networks and critical infrastructure can be secured.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.