Washington, November 15, 2024 – The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have revealed that threat actors affiliated with the Chinese government have compromised the networks of multiple US telecommunications companies, leading to the theft of sensitive data.
In a joint statement, the agencies disclosed that the breaches involved unauthorized access to customer call records and private communications of individuals engaged in government or political activities. The statement emphasized that the investigation is ongoing and that further details regarding the compromises are expected to emerge.
This announcement follows an earlier confirmation in October that a Chinese state-sponsored group, known as UNC2286 or Salt Typhoon, had infiltrated major US telcos, including AT&T, Verizon, and Lumen Technologies. The FBI and CISA noted that they took immediate action by notifying affected companies and providing technical assistance in response to the identified malicious activities.
Sources indicate that the threat actors maintained access to the networks for extended periods, potentially gathering a significant amount of call data from millions of US customers. The use of living-off-the-land” techniques by these state-sponsored actors has been highlighted, allowing them to remain undetected within the networks for long durations.
A joint advisory from the Five Eyes alliance earlier this year warned critical infrastructure organizations about the potential risks posed by the Volt Typhoon hacking group, which may have had access to IT networks of critical infrastructure providers for at least five years. This advisory was based on incident response activities conducted by US agencies regarding compromises linked to the Chinese state-sponsored cyber group.
The ongoing investigations and findings underscore the growing concerns over cybersecurity threats from state-sponsored actors, particularly those associated with the People’s Republic of China, and the implications for national security and telecommunications infrastructure.
