October 28, 2024 at 04:09PM
The FBI is investigating cyberattacks by Chinese-linked group Salt Typhoon on US telecoms, targeting phones of prominent political figures including Kamala Harris and Donald Trump. Affected companies, like Verizon and AT&T, are under scrutiny, prompting questions from lawmakers about their security measures amid rising cyber threats linked to China.
### Meeting Takeaways:
1. **Investigation Overview**:
– The FBI and Cybersecurity and Infrastructure Security Agency (CISA) are investigating cyber intrusions linked to the Chinese government, specifically targeting US telecom companies.
– The hacker group Salt Typhoon is suspected of infiltrating the infrastructure of major telecom providers such as Verizon, AT&T, and Lumen Technologies.
2. **Targets of the Attacks**:
– Reports indicate that Salt Typhoon has targeted devices belonging to US presidential candidates Kamala Harris and Donald Trump, including his running mate JD Vance.
– Other notable political figures, including staff from Senate Majority Leader Chuck Schumer, may also have been targeted.
3. **Agency Responses**:
– Affected companies have been notified, and technical assistance has been provided to mitigate the threat.
– Lawmakers are pressing for answers from the three telecom companies regarding their knowledge of these breaches and the steps taken to enhance cyber security.
4. **Nature of the Breaches**:
– Salt Typhoon reportedly compromised wiretapping systems of the broadband providers; it remains unclear what data, if any, was exfiltrated during these operations.
5. **Cybersecurity Context**:
– The investigation highlights an increase in cyber espionage activities linked to Chinese entities, including recent disruptions of a botnet by FBI Director Christopher Wray.
– It marks a “new frontier” in the cyber threats posed by the Chinese government, with growing alarms about the vulnerabilities in critical infrastructure and communications.
6. **China’s Position**:
– The Chinese government has denied allegations of cyber espionage and has labeled such claims as unfounded, attributing them to US narrative.
7. **Next Steps for Organizations**:
– Organizations suspecting they may be victims of similar attacks are advised to contact their local FBI field office or CISA for assistance.
### Action Items:
– Monitor updates from the investigation and ongoing communications from FBI and CISA.
– Prepare potential questions or follow-ups to address lawmaker concerns regarding cybersecurity measures in place at telecom companies.
– Review and enhance internal cybersecurity protocols based on lessons learned from this incident.