US Telecoms Customer Data Stolen By Chinese Hackers 

Uploaded on 2024-12-05 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The US has been suffering a growing number of large-scale cyber attacks, apparently conducted by Chinese stare-sponsored hackers, with links to or directed by, China’s national intelligence agencies. Indeed, leaders of the top US telecommunications companies were recently called to the White House to discuss how to expel Chinese hackers from the nation’s communications networks.

Now, a large amount of  US telecoms companies' customer metadata has been stolen in the sweeping  espionage campaign carried out by a group being called Salt Typhoon. Although specific details are unavailable, according to reports, the hackers gained widespread access to US national telecommunications infrastructure, including several leading broadband providers. 

The US cyber defence agencies, CISA, the National Security Agency (NSA), and Federal Bureau of Investigation (FBI) have confirmed that Chinese  state-sponsored cyber actors have compromised the IT environments of multiple critical infrastructure organisations. This breach is not an isolated event but part of a broader strategy to disrupt and weaken America’s operational capabilities in the event of conflict. 

China’s cyber operations have grown into sophisticated campaigns targeting critical infrastructure.

It is thought that the hacking group known as Salt Typhoon, operating under Chinese direction, infiltrated US Internet providers and has been gaining access to systems essential to the US national security. "We believe a large number of Americans' metadata was taken," said an official, who spoke to reporters on condition of anonymity. "We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on." the official said.

Dozens of companies across the world had been hit by the hackers, including at least eight  US telecommunications and telecom infrastructure firms 

The official said the White House had made tackling the Salt Typhoon hackers a priority for the federal government and that outgoing President Joe Biden had been briefed several times on the intrusions. 

The current cyber-attacks are a important clarion call that network security must be both a forethought in network design and an ongoing regulatory responsibility for the agency entrusted with oversight of the nation’s networks.

CISA   |   Reuters   |   Oodaloop   |   NYTimes   |   Brookings Inst.   |   Industrial Cyber   |   Guardian   | 

Guardian   

Image: XstockImages

You Might Also Read:   

Chinese Hackers Target Japan & EU:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Microsoft Faces £1bn Lawsuit For Cloud Licencing Damages
Romanian Presidential Election Undermined By Russia »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MetricStream

MetricStream

MetricStream provide integrated GRC solutions across business, IT, and security functions.

Igloo Security

Igloo Security

Igloo Security is a leader and pioneer in SIEM (Security Information & Event Management), PSIM (Physical Security Information Management) and MSS (Managed Security Services).

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Science Applications International Corporation (SAIC)

Science Applications International Corporation (SAIC)

SAIC is a premier technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. Services and solutions include Cybersecurity.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

Open Systems

Open Systems

Open Systems is a Secure Access Service Edge (SASE) pioneer delivering a complete solution to network and security.

SignalSEC

SignalSEC

SignalSEC provides vulnerability intelligence, malware analysis, penetration testing and associated training services.

Brookcourt Solutions

Brookcourt Solutions

Brookcourt Solutions delivers cyber security, network monitoring technologies and managed security services to help secure and protect your organisation’s critical infrastructure.

Dectar

Dectar

Dectar (formerly 4Securitas) is a cybersecurity company that provides solutions that predict, detect, defend and react against cybersecurity threats.

Avocado Consulting

Avocado Consulting

Avocado helps clients deliver with certainty on their complex IT change, with technology services that automate, monitor and optimise.

Druva

Druva

Druva is the industry’s leading SaaS platform for data resiliency, and the only vendor to ensure data protection across the most common data risks backed by a $10m guarantee.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

Spirit Technology Solutions

Spirit Technology Solutions

Spirit Technology Solutions is a modern workplace services provider committed to delivering solutions that embody our core principles of security, sustainability, and scalability.

DATS Project

DATS Project

DATS Project enables the utilization of high computing power across a number of cybersecurity services, all on a pay-as-you-go basis, eliminating the need for upfront investment costs.