Salt Typhoon Hacking Campaign Targets US Call Record Metadata
Posted on 12/05/2024
Chinese hacking group Salt Typhoon reportedly has stolen the call record metadata of a “large number” of Americans.
The metadata was taken in a broad and ongoing attack on America’s telecommunications infrastructure, Reuters reported Wednesday (Dec. 4), citing an unnamed senior U.S. official.
Speaking during a press call, the official said that the hackers have hit dozens of companies around the world, including at least eight in the U.S., and that they are targeting the metadata of individuals who are of interest to the Chinese government, according to the report.
U.S. officials have previously alleged that Salt Typhoon targeted Verizon, AT&T, T-Mobile, Lumen and others, per the report.
Call record metadata can include who a call was placed to, how long it lasted and where it was made from — information that can expose details about a person’s life, work and relationships, the report said. It does not include the content of a call.
It was reported in September that Salt Typhoon hackers with ties to China’s government had gotten into some American internet service providers and were targeting sensitive information.
The hack involved an incursion into U.S. broadband networks, with cybercriminals setting up a foothold inside the network that let them access data stored by telecommunications companies or carry out cyberattacks.
In October, it was reported that the National Security Agency (NSA), other government agencies and some companies were investigating the possibility that Chinese hackers had targeted American telecommunications companies.
The NSA had warned in a June 2022 advisory that telecommunications infrastructure is vulnerable to hacking and that Chinese hackers were seeking a foothold via bugs in devices to gain access to critical users and systems.
In November, it was reported that T-Mobile was hacked as part of a cyberespionage attack on American and international telecommunications companies.
In a statement emailed to PYMNTS at the time, T-Mobile said the hackers didn’t gain access to customer or other sensitive data.
“T-Mobile is closely monitoring this industrywide attack,” the statement said. “Due to our security controls, network structure and diligent monitoring and response, we have seen no significant impacts to T-Mobile systems or data. We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced.”
The metadata was taken in a broad and ongoing attack on America’s telecommunications infrastructure, Reuters reported Wednesday (Dec. 4), citing an unnamed senior U.S. official.
Speaking during a press call, the official said that the hackers have hit dozens of companies around the world, including at least eight in the U.S., and that they are targeting the metadata of individuals who are of interest to the Chinese government, according to the report.
U.S. officials have previously alleged that Salt Typhoon targeted Verizon, AT&T, T-Mobile, Lumen and others, per the report.
Call record metadata can include who a call was placed to, how long it lasted and where it was made from — information that can expose details about a person’s life, work and relationships, the report said. It does not include the content of a call.
It was reported in September that Salt Typhoon hackers with ties to China’s government had gotten into some American internet service providers and were targeting sensitive information.
The hack involved an incursion into U.S. broadband networks, with cybercriminals setting up a foothold inside the network that let them access data stored by telecommunications companies or carry out cyberattacks.
In October, it was reported that the National Security Agency (NSA), other government agencies and some companies were investigating the possibility that Chinese hackers had targeted American telecommunications companies.
The NSA had warned in a June 2022 advisory that telecommunications infrastructure is vulnerable to hacking and that Chinese hackers were seeking a foothold via bugs in devices to gain access to critical users and systems.
In November, it was reported that T-Mobile was hacked as part of a cyberespionage attack on American and international telecommunications companies.
In a statement emailed to PYMNTS at the time, T-Mobile said the hackers didn’t gain access to customer or other sensitive data.
“T-Mobile is closely monitoring this industrywide attack,” the statement said. “Due to our security controls, network structure and diligent monitoring and response, we have seen no significant impacts to T-Mobile systems or data. We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced.”
Comments( 0 )
0 0 21
0 0 21
