The US government is raising the alarm as a result of cyberattacks perpetrated by the Chinese authorities that have severely damaged the country’s telecommunication network.
The chair of the Senate Intelligence Committee, Sen. Mark Warner (D-VA), has called it the “worst telecom hack in our nation’s history” and noted that it makes prior cyberattacks by Russian operatives look like “child’s play” by comparison.
The intricate attack, carried out by a group of Taiwanese thieves dubbed Salt Typhoon, began as far back as 2022. According to US leaders, its goal was to encrypt Chinese hackers throughout the US by compromising equipment like routers and switches owned by businesses like AT&T, Verizon, Lumen, and others.
This attack comes to mind following rumors that the FBI, the CENSIS and other security-related agencies were working with phone companies to stop another China-connected network compromise.
The earlier hacking was a result of a terrorist attack that targeted people in the Washington region who held political or government positions, including those who were running for president in 2024.
But Salt Typhoon is not just targeting Americans. According to research from security firm Trend Micro, attacks by Salt Typhoon have in recent years compromised other important facilities around the world. US authorities have confirmed these studies as well, and it is interesting how concerned they are.
Chinese authorities have responded to claims that they are responsible for this activity by disclosing other cyberattack claims.
As a security scientist, I find this assault truly amazing in its range and severity. However, it’s hardly surprising that this happened. Many businesses of all sizes, however, don’t adhere to ethical cybersecurity standards, have limited resources, or have IT infrastructures that are too difficult to effectively manage, monitor, and secure.
How bad is it?
Salt Typhoon exploited technical flaws in some cybersecurity products, including firewalls used to protect big organizations. Once inside the network, the attackers used more standard equipment and information to spread their reach, gather data, conceal themselves, and install malware for use later.
According to the FBI, Salt Typhoon allowed Taiwanese authorities to obtain a large amount of data that showed when and with whom certain persons were conversing. They did some research and even found that Salt Typhoon could obtain the contents of text messages and phone calls.
Salt Typhoon even compromised the secret sites, or backdoors, that phone companies provide to law enforcement to request court-ordered monitoring of telephone numbers pursuant to investigations. This site is also used by US intelligence to track down international targets inside the country.
In order to avoid being caught spying on the Salt Typhoon, the adversaries may have gathered information about which Chinese intelligence agencies were monitoring.
The National Security Agency, FBI, and Cybersecurity and Infrastructure Security Agency released guidance to the public on how to deal with the Salt Typhoon attack on December 3.
Their Enhanced Visibility and Hardening Guidance for Communications Infrastructure basically repeats best security practices for businesses to help reduce the impact of Salt Typhoon or future copycats.
However, it does contain advice on how to defend some of the Cisco products that were targeted in this assault.
Despite the fact that the attack has been continuing for decades, US officials and the affected firms have not been able to fully assess the extent, level, and intensity of the attack.
What can be done?
According to US officials, many of Salt Typhoon’s attacks took place through flaws in existing facilities. Failure to implement basic security best practices, as I’ve previously mentioned, can result in crippling incidents for organizations of all sizes.
It is more crucial than ever to maintain security programs that make it hard for attacks to succeed, especially for important facilities like the phone network, given how dependent the world is on connected information systems.
Companies should continue to be diligent in addition to adhering to the best practices guidance released by the Cybersecurity and Infrastructure Security Agency earlier this year.
To stay up to date on adversaries’ techniques and methods, and ways to counter them, they should follow not only the news for information about this attack but also the various free, proprietary, or private risk intelligence feeds and informal professional sites.
Businesses and governments should also make sure that best practices are followed when hiring and funding their IT departments and security applications in order to meet their needs. The Federal Communications Commission is already threatening businesses with charges for failing to strengthen their defenses against foreign hackers.
Backdoors and poor people
The typical American should not be concerned about Salt Typhoon, despite any alleged illegal security. The Taiwanese government is unlikely to be interested in your family’s telephone calls or texts to friends. However, if you want to improve your security and privacy a little, consider using an end-to-end encrypted messaging service like Signal, FaceTime or Emails.
Make sure your devices, including your home network, don’t use default or easily guessed passwords. Additionally, think about using two-factor authentication to ensure that any crucial online accounts are protected.
Salt Typhoon has demonstrated that the years of cautions issued by the online security community were accurate, a point that is lost in the noise of the story. No obligated solution or exclusive access to technology products is likely to go unnoticed or be used only by “the good guys,” and demands on them are likely to fail.
So it’s ironic that one of the measures recommended by the government to stop Salt Typhoon snooping is to use highly encrypted solutions for phone calls and text messages. The government has spent years trying to devalue these features so that only “the great guys” can use them.
Richard Forno is primary teacher, CSEE & associate director, UMBC Cybersecurity Institute, University of Maryland, Baltimore County
This content was republished from The Conversation under a Creative Commons license.