top of page

Chinese hackers have infiltrated at least 8 U.S. telecom companies, White House says




Geoff Bennett:

The White House said today that a broad Chinese hacking operation had infiltrated at least eight American telecommunication companies, and that none of them have managed to remove these Chinese hackers from their systems.

Nick Schifrin has been following this all and joins us now.

So, Nick, what did the White House say today?

  • Nick Schifrin:

    The White House gave new details on what is believed to be the largest hack on American telecommunications firms in U.S. history.

    As you said, Chinese hackers infiltrated at least eight communications firms in the United States and over the last one to two years — quote — "dozens" of telecommunications companies across Asia and Europe, and the hack was ongoing, Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger said today.

    Anne Neuberger, U.S. Deputy National Security Adviser for Cyber and Emerging Technology: The affected companies are all responding. Right now, we do not believe any have fully removed the Chinese actors from these networks. So the risk of — there is a risk of ongoing compromises to communications.

    Until U.S. companies address the cybersecurity gaps, the Chinese are likely to maintain their access.

  • Nick Schifrin:

    Today, intelligence officials were on the Hill briefing all 100 senators in a classified hearing about the Chinese hackers known as Salt Typhoon, and our Lisa Desjardins caught up with Texas Republican John Cornyn.

  • Sen. John Cornyn (R-TX):

    The Chinese Communist Party has infiltrated the telecommunication systems here in the United States in a dramatic and unprecedented sort of way. And it's a subject of tremendous concern.

    I'm sure you're going to hear more about it, because it affects a lot of people and a lot of — not just in this country, but around the world.

  • Nick Schifrin:

    Yesterday, Geoff, a senior FBI official admitted the bureau still did not know how deeply the Chinese hackers had penetrated, even though the bureau had been investigating since the spring, and it could take years to know the true scope of the hack.

  • Geoff Bennett:

    Do we know, though, who has been targeted?

  • Nick Schifrin:

    Intelligence officials describe three baskets or three groups of targets, essentially, number one, a large number of users whose phone metadata was stolen, number two, a small group of individuals whose audio calls and text messages were specifically targeted and successfully intercepted, number three, the portal that law enforcement uses to submit court orders to telecommunications and Internet service providers.

    And I want to keep that list up for the moment. On the first group, whose metadata was stolen, a senior administration official said today it was — quote — "a large number of Americans," but would not provide the number, but it had a — quote — "regional focus," suggesting it was designed to find members of the second group, whose calls were intercepted and included senior members of the Trump and Harris campaigns.

    A former intelligence official described to me, Geoff, that this is so hard because these are incredibly sophisticated state actors with limitless budget and limitless time. They are extraordinarily difficult to detect because they enter networks with stolen credentials, so as not to set off alarm bells. And if they detect any surveillance by the Americans, they simply stop moving.

    They can sit there and take as long as it takes, therefore avoiding detection.

  • Geoff Bennett:

    And how has China responded to all of this?

  • Nick Schifrin:

    In a statement, Chinese Embassy spokesman Liu Pengyu told me that the U.S. claims were — quote — "disinformation."

    And he continued — quote — "China firmly opposes and combats all kinds of cyberattacks. The U.S. needs to stop its own cyberattacks against other countries and refrain from using cybersecurity to smear and slander China."

    The U.S., Geoff, is believed to conduct the same surveillance around the world, and I do use that term surveillance. U.S. officials use that term because this is not designed, as far as they can tell, to destroy any critical infrastructure.

    It is instead designed to conduct espionage, to collect information. No signs that any of this is being leaked online. As for solutions, Neuberger said today the only solution was to require companies to meet minimum cybersecurity guidelines. Right now, those guidelines are optional for these companies to meet.

Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page