Chinese Hackers Exploit U.S. Telecom Networks to Geolocate Millions and Record Calls
In a major cybersecurity breach, Chinese hackers gained access to U.S. telecommunications networks, allowing them to track the locations of millions of individuals and record phone calls. This breach, carried out by the hacking group Salt Typhoon, is now confirmed to have impacted nine major telecommunications providers, according to Anne Neuberger, deputy national security adviser for cyber and emerging technology.
The Scope of the Breach
Salt Typhoon infiltrated U.S. telecom networks, stealing a significant amount of Americans’ cell phone records and eavesdropping on conversations of senior political figures, including President-elect Donald Trump, Vice President-elect JD Vance, and senior Biden administration officials. This massive breach, which began earlier this year, was first detected by investigators, with the FBI announcing the investigation in October. The Wall Street Journal had reported the breaches a month prior.
Neuberger confirmed that the breach had affected nine telecom providers, with one more added to the eight previously reported. These include industry giants such as Lumen Technologies, AT&T, Verizon, and T-Mobile. While the U.S. government issued cybersecurity guidance to telecom companies early on, it’s still unclear if the hackers have been fully evicted from these networks. T-Mobile and Lumen have publicly disputed claims that they haven’t removed the intruders.
Unprecedented Access to Sensitive Data
Once the Chinese hackers infiltrated telecom networks, they gained “broad and full access” to American data. This allowed them to geolocate millions of individuals and listen in on phone calls at will. While it’s difficult to estimate the full extent of the breach, Neuberger noted that many of those affected were located in the Washington, D.C., area. The goal, she explained, was likely to identify individuals of interest, particularly government officials, for follow-up espionage and intelligence gathering.
Though fewer than 100 individuals were specifically targeted for their phone calls and texts, Neuberger acknowledged that the full scope of the breach may never be known. The hackers used sophisticated techniques that made it difficult to track all their activities. As a result, efforts are now focused on holding China accountable and working with telecom companies to improve cybersecurity.
A Call for Stronger Cybersecurity Measures
Neuberger emphasized the need for a defensible infrastructure to protect critical U.S. networks. She argued that just as we wouldn’t leave our homes or offices unlocked, private companies managing critical infrastructure must implement basic cybersecurity practices to reduce vulnerability to large-scale attacks.
As part of this initiative, Neuberger called on the Federal Communications Commission (FCC) to formalize new cybersecurity requirements for telecom companies. She warned that voluntary practices are insufficient to guard against cyber threats from nations like China, Russia, and Iran.
“We need the FCC to implement required minimum cybersecurity practices across telecoms,” she said, stressing that once these steps are in place, the U.S. would have greater confidence in evicting Chinese hackers from critical networks.
Addressing Health Data Vulnerabilities
Neuberger also highlighted concerns about cybersecurity in the healthcare sector. She revealed that the Department of Health and Human Services (HHS) is set to propose a new rule updating the Health Insurance Portability and Accountability Act (HIPAA) to include stronger security requirements for health data. The rule would require healthcare entities to encrypt data, monitor networks for security breaches, and perform regular compliance checks to ensure they meet updated cybersecurity standards.
“We’re seeing a troubling rise in attacks on hospitals and healthcare data,” Neuberger said. “This update, the first in over a decade, will help ensure that healthcare data is better protected, reducing the risks posed by cybercriminals.”
Conclusion
The Salt Typhoon breach underscores the growing threat of state-sponsored cyberattacks and the need for robust cybersecurity measures to safeguard U.S. critical infrastructure. As the government works to address these vulnerabilities, the focus remains on reinforcing telecom networks and ensuring that similar breaches do not happen in the future.