“Communication service providers are becoming a goldmine for nation-state hackers”
On Wednesday evening, the US’ Cybersecurity & Infrastructure Security Agency (CISA) and the FBI confirmed that the Salt Typhoon attack, launched in October, breached US telecom providers. This allowed the hackers to access private communications of a ‘limited number’ of federal government officials.
The confirmation came almost immediately after Moody’s Rating published its annual cyber security heat map in which it upgraded telecoms from being High Risk to Very High Risk.
Joint statement
The CISA and FBI issued a joint statement which read, “The U.S. government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.
“Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.
“[We] continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector. We encourage any organization that believes it might be a victim to engage its local FBI Field Office or CISA.”
Goldmine for hackers
Donny Chong, Director Nexusguard, commented, “This is yet another example of how communication service providers are becoming a goldmine for nation-state hackers. Telecom providers have become gateways through which foreign adversaries can reach government officials and sensitive data. This marks an escalation from previous attacks, aimed at intercepting business information via internet traffic to extort victims for monetary gain.”
He added, “The role of telecom providers is transforming. Once viewed primarily as connectivity providers, they now stand on the frontlines of cyber warfare and espionage. Securing these networks shouldn’t fall solely on the private sector. Government support is essential, with regulations and security standards to help protect this critical infrastructure.”
Chong also urged “increased regulation” for the telecoms sector “that set cybersecurity standards in line with this rising threat. Funding should be extended to telecom providers that are looking to bolster cybersecurity measures in the form of tax incentives for security investments or cybersecurity skill development. These measures can help set stronger foundations for cyber resilience moving forward.”