Several major US telecoms firms hit by Chinese hackers, FBI says
Joint statement reports major US telecoms providers breached by China
A joint statement from the Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) has claimed multiple major US telecom providers have been breached in what appears to be a coordinated attack by Chinese hackers.
The statement notes, “The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.”
Little is known about the attack or which telecom providers have been affected, as the investigation is still ongoing. The Canadian government has also issued a warning about China’s widespread reconnaissance scans of Canadian domains, which are likely searching for vulnerabilities and gathering information.
Telecoms surveillance network breached
“After the FBI identified specific malicious activity targeting the sector, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) immediately notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims,” the joint statement continued, further encouraging “any organization that believes it might be a victim to engage its local FBI field office or CISA.”
Earlier in October 2024, a cyber criminal group with links to the People’s Republic of China tracked as Salt Typhoon managed to break into broadband providers such as AT&T, Lumen Technologies, and Verizon. Along with access to the network traffic processed by these providers, the attackers also broke into a telecommunications system used by authorities to legally surveil criminals using wiretaps and other techniques.
As for Canada, the statement issued by its government states multiple reconnaissance scans by China “have occurred throughout 2024” with organizations targeted including “Government of Canada departments and agencies, and includes federal political parties, the House of Commons and Senate.”
“They also targeted dozens of organizations, including democratic institutions, critical infrastructure, the defence sector, media organizations, think tanks and NGOs,” the statement said.
The Canadian government says these scans are not indications of compromise, but are done to map and explore Canada’s domain infrastructure, search for vulnerabilities, and plan future attacks.
“It is the equivalent of someone walking around a building to see if there is an alarm or security camera, or trying the windows and doors to see which ones are unlocked. It is about gathering information in case they want to return to carry out a crime and figuring out the best way to do it,” the statement summarized.
The best way for organizations to protect themselves from reconnaissance mapping and future attacks is to ensure their devices run the latest operating systems and are protected against all known vulnerabilities. Organizations may also want to ensure they use multi-factor authentication and activity logging, and educate their employees on common attack vectors such as phishing.
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.