U.S. companies have been hit by Cyberattacks, targeting the very networks that keep us connected. These attacks weren’t random—they were carefully planned and aimed at major telecom providers.
You might not think about it often, but these networks handle your calls, texts, and even critical government communications.
Now, experts warn that the hackers who carried out the Cyberattacks may still have access, a revelation that is fueling concerns about the safety and security of our communications.
Here’s what you need to know.
Chinese-linked Campaign Targets U.S. Telecoms
At least eight U.S. telecommunications providers or infrastructure companies have been compromised by a hacking campaign tied to China’s government, according to Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology. And it could be even more than eight.
This isn’t a new issue. The campaign has been going on for one to two years, targeting telecom networks in dozens of countries. Why telecoms? They are a motherlode for espionage, high-priority targets, and “in the bull’s-eye of nation-state programs,” a senior administration official said.
The White House held a briefing after the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) confirmed that Salt Typhoon stole large amounts of metadata and records from telecom providers.
U.S. officials say hackers targeted big telecom companies like Verizon, AT&T, T-Mobile, Lumen, and others. T-Mobile stated no customer data was compromised, and Lumen found no evidence of access to customer data. However, in some cases, hackers are accused of stealing call records and even phone audio intercepts.
Ongoing Access To Networks Prompts Alarms For Government & Private Users
During the briefing, they also noted that the hackers accessed some government officials’ communications, but they don’t believe any classified information was compromised.
The hackers are still believed to have access to these networks, posing a risk of further breaches. Neuberger emphasized that unless U.S. telecom companies fix their Cybersecurity vulnerabilities, the hackers are likely to stay.
The White House urged regulators and lawmakers to enforce stricter Cybersecurity measures for telecom providers, like better security setups, stronger key management, and network monitoring.
CISA’s Recommendations On Hardening Telecom Infrastructure
CISA), along with international partners, has issued guidance to help telecommunications providers and critical infrastructure organizations defend against cyber espionage by People’s Republic of China (PRC)-affiliated threat actors.
The guidance focuses on two key areas: Enhancing Network Visibility and Hardening Systems and Devices.
The guidance also provides specific recommendations for securing Cisco systems, including disabling unused services like Smart Install and ensuring that web management interfaces are encrypted.
The latest update is one of the year’s most widespread critical infrastructure attacks. Officials caution that the full impact of Salt Typhoon’s actions may be worse than currently known.
Impact Of These Breaches On Your Business Data
If your business is connected to telecom networks, these Cyberattacks could expose your data and business to security threats. It’s important to understand that these breaches not only affect telecom companies but can also affect your business by compromising customer data and communication systems.
Encrypting content is key, and the FBI’s advice is clear: “Use a phone with timely OS updates, responsible encryption, and phishing-resistant MFA (multi-factor authentication) for email, social media, and collaboration tools.”
FBI Director Christopher Wray emphasizes that balancing data safety and community safety is essential: “the public should not have to choose between safe data and safe communities. We should be able to have both—and we can have both… Collecting the stuff—the evidence—is getting harder, because so much of that evidence now lives in the digital realm. Terrorists, hackers, child predators, and more are taking advantage of end-to-end encryption to conceal their communications and illegal activities from us.”
If you notice any suspicious activity within your organization, contact your local FBI office or the FBI’s Internet Crime Complaint Center (IC3). You can also report cyber incidents to the CISA.
FAQ
Which U.S. Companies Were Targeted In The Telecom Attacks?
There are more than eight major U.S. telecom companies, including Verizon, AT&T, and T-Mobile, that were struck by the attacks. While these companies are known to be affected, there could be others impacted as well.
What Kind Of Data Was Stolen In These Attacks?
The hackers are believed to have stolen sensitive information like call records and possibly phone audio intercepts. However, T-Mobile and Lumen confirmed that no customer data was compromised in their cases.
Are These Attacks Still Ongoing?
Yes, U.S. officials believe the hackers may still have access to the affected networks. To prevent these attacks, businesses can implement endpoint protection, which secures devices like computers and phones from threats. 2Secure also recommends conducting attack simulations and penetration testing to identify vulnerabilities and strengthen defenses before hackers can exploit them.
