Several major US telecoms firms hit by Chinese hackers, FBI says

News
By published

Joint statement reports major US telecoms providers breached by China

Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
(Image credit: Shutterstock)

A joint statement from the Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) has claimed multiple major US telecom providers have been breached in what appears to be a coordinated attack by Chinese hackers.

The statement notes, “The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.”

Not much is known about the attack, nor which telecom providers have been affected as the investigation is still ongoing. The Canadian government has also issued a warning on China’s widespread reconnaissance scans on Canadian domains, likely searching for vulnerabilities and gathering information.

Telecoms surveillance network breached

“After the FBI identified specific malicious activity targeting the sector, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) immediately notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims,” the joint statement continued, further stating that “any organization that believes it might be a victim to engage its local FBI field office or CISA.”

Earlier in October 2024, a cyber criminal group with links to the People’s Republic of China tracked as Salt Typhoon managed to break into broadband providers such as AT&T, Lumen Technologies, and Verizon. Along with access to the network traffic processed by these providers, the attackers also broke into a telecommunications system used by authorities to legally surveil criminals using wiretaps and other techniques.

As for Canada, the statement issued by its government states multiple reconnaissance scans by China “have occurred throughout 2024” with organizations targeted including “Government of Canada departments and agencies, and includes federal political parties, the House of Commons and Senate.”

“They also targeted dozens of organizations, including democratic institutions, critical infrastructure , the defence sector, media organizations, think tanks and NGOs,” the statement said.

The Canadian government says these scans are not indications of compromise, but are done to map and explore Canada’s domain infrastructure searching for vulnerabilities and planning future attacks.

“It is the equivalent of someone walking around a building to see if there is an alarm or security camera, or trying the windows and doors to see which ones are unlocked. It is about gathering information in case they want to return to carry out a crime and figuring out the best way to do it,” the statement summarized.

The best way for organizations to protect themselves from reconnaissance mapping and future attacks is to ensure their devices run the latest operating systems and are protected against all known vulnerabilities. Organizations may also want to ensure they use multi-factor authentication, activity logging, and educate their employees on common attack vectors such as phishing.

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Read more
An American flag flying outside the US Capitol building against a blue sky
Chinese cybersecurity firm sanctioned by US Treasury over alleged links to Salt Typhoon hackers
Flag of the People's Republic of China overlaid with a technological network of wires and circuits.
Salt Typhoon attacks may have hit more US firms than previously thought
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
An American flag flying outside the US Capitol building against a blue sky
More alleged Chinese intrusions into the US Treasury revealed
China
US Treasury declares ‘major incident’ after apparent state-sponsored Chinese hack
China US flags cropped
CISA says ‘no indication’ other US government agencies affected in Treasury hack
Latest in Pro
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
Context Windows
Why are AI context windows important?
BERT
What is BERT, and why should we care?
A person holding out their hand with a digital AI symbol.
AI is booming — but are businesses seeing real impact?
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does
More about pro
HP ZBook Ultra G1a

HP's ridiculously fast Ryzen AI Max+ Pro 395 laptop with 128GB RAM goes on sale everywhere in the US, but it won't be cheap
Asus Ascent GX10 Rear

Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
Cyclists on cobbled ahead of the E3 Saxo Bank Classic live stream 2025

E3 Saxo Bank Classic live stream 2025: How to watch WorldTour cycling online from anywhere
See more latest
Most Popular
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
HP ZBook Ultra G1a
HP's ridiculously fast Ryzen AI Max+ Pro 395 laptop with 128GB RAM goes on sale everywhere in the US, but it won't be cheap
A mobile phone showing the Signal logo in front of a screen showing the app
Signalgate explained: what is Signal, and how secure is the messaging app?
Asus Ascent GX10 Rear
Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA