The Chairman of the Senate Intelligence Committee, Mark Warner, says that the Chinese espionage campaign that penetrated more than a dozen U.S. telecommunications companies is the “worst telecom hack in our nation’s history — by far.”
The Chinese hackers called “Salt Tycoon” have been able to real-time phone conversations and demonstrated the ability to move from one network to another “exploiting relationships of trust,” Warner told the Washington Post.
The breaches were discovered in September and the scope of the intrusions is just now being revealed.
“Specifically, we have identified that [Chinese government]-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders,” the FBI said in a statement on the hack earlier this month.
Salt Tycoon hacked the phones of Donald Trump and JD Vance, as well as individuals who worked for the Kamala Harris campaign.
Though fewer than 150 victims have been identified and notified by the FBI — most of them in the D.C. region, the records of people those individuals have called or sent text messages to run into the “millions,” he said, “and that number could go up dramatically.”
Those records could provide further information to help the Chinese identify other people whose devices they want to target, he said. “My hair’s on fire,” Warner said.
It actually gets worse. The networks are still compromised and kicking the hackers out could involve physically replacing “literally thousands and thousands and thousands of pieces of equipment across the country,” specifically outdated routers and switches, Warner said.
It’s no secret that China has an enormous operation dedicated specifically to penetrating U.S. networks and hacking other systems relating to national security. Russia has been busy too, working in tandem with sophisticated criminal gangs for information and profit.
Hackers have acquired access to the system that logs U.S. law enforcement requests for criminal wiretaps, allowing the Chinese to know who is of interest to authorities. There is no evidence so far that hackers have compromised the collection system itself through which law enforcement listens in on wiretapped calls, said U.S. officials, speaking on the condition of anonymity because of the matter’s sensitivity.
The calls on which Chinese hackers were able to listen in were not part of the “lawful intercept,” or wiretap, system, officials said. But hackers also had access to unencrypted communications, including text messages. End-to-end encrypted communications such as those on the Signal platform are believed to be protected, officials said.
“This is massive, and we have a particularly vulnerable system,” Warner said. “Unlike some of the European countries where you might have a single telco, our networks are a hodgepodge of old networks. … The big networks are combinations of a whole series of acquisitions, and you have equipment out there that’s so old it’s unpatchable.”
Yikes.
Warner thinks that more regulation is the answer.
“We’re the telecom envy of the world,” Warner said. “I don’t want to slow that innovation. I don’t want to come in with some new, heavy-handed regulation. This ought to just be about safety and security.”
The Post says that the Telecom sector is “largely unregulated.” I don’t believe that’s true but even if it were, piling on regulations is not the answer. This is war and perhaps it’s time to think about how we can hit them back.. The Chinese have to be made to understand that Americans see privacy as a sacred right and that intrusions like Salt Tycoon are a declaration of war.
Trump might be just the man to explain it.