A new report details a startling discovery that Chinese state hackers accessed the networks of major US broadband providers, which were able to gain access to information from systems the federal government uses for court-authorized wiretapping. The companies listed as being hacked include communications providers Verizon Communications, AT&T, and Lumen Technologies.
While some poke fun at Apple’s walled garden approach to its devices, many have defended the Cupertino-based company throughout the years and the company’s insistence on not allowing the government a backdoor into iPhones. CEO Tim Cook has been adamant for nearly a decade on the point, and even Google CEO Sundar Pichai has defended the decision. With this new realization of the breach of US ISPs, that sentiment appears to be well-founded.
Further, it was noted a cyberattack tied to the Chinese government was able to access a “swath” of US-based broadband providers. In doing so, there was a potential the hackers were also able to access information from systems the federal government used for court-authorized network wiretapping requests. People close to the matter indicated the hackers may have had access for months.
“This has all the hallmarks of an espionage campaign — one with potentially deep access to the most important communication companies in the country,” remarked Brandon Wales, former executive director at the DHS’s Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, a cybersecurity firm. “The impacts are potentially staggering.”
Another report indicated that China’s foreign spy service, the Ministry of State Security (MSS), is also involved in the breach. According to The WSJ, who first reported the hack, officials have said it was carried out by an arm of the MSS, known as the “Salt Typhoon.”
It is important to note that telecommunication firms have a legal obligation to allow federal authorities to have access to electronic information, if there is a court order for the eavesdropping. Therefore, if China were able to access the wiretapping system, it would indeed be a serious breach of security that would reach far and wide, potentially across millions of Americans.
A spokesperson from China’s embassy in Washington said the US intelligence community and cybersecurity companies are spreading “disinformation” to obtain federal government funding and contracts. “We have always resolutely opposed and combated all forms of cyber hacking in accordance with law,” remarked the spokesperson. “We urge the relevant parties to immediately stop politicizing cybersecurity issues to smear China, and base their conclusions on evidence rather than unfounded speculation and accusations.”
In another response to the accusations, a Chinese ministry official commented, “At a time when cybersecurity has become a common challenge for all countries around the world, this erroneous approach will only hinder the efforts of the international community to jointly address the challenge through dialogue and cooperation.”
With the potential consequences of this most recent hack of US based broadband companies, it is hard to argue against major tech companies’ resistance and long held refusal to give the government a backdoor into phones, devices and other equipment, especially network infrastructure. Those same backdoors that were created by ISPs to provide wiretaps for US law enforcement years ago, are now the backdoors being exploited and hacked by China nation-state espionage actors.