Chinese Government Hackers Infiltrate U.S Telecommunications Companies

A group of hackers linked to the Chinese government has infiltrated multiple US telecommunications companies in recent months, likely in an effort to access sensitive national security information. The hacking activity was first reported by The Wall Street Journal (WSJ)

US investigators suspect that the hackers may have gained access to wiretap warrant requests, though officials are still working to determine the full extent of the data that may have been compromised. AT&T, Verizon, and Lumen, major broadband and internet providers, were among the targets.

The breach has raised concerns among US officials about the potential national security implications, as the hacking was only discovered recently. This incident is the latest in a series of sophisticated cyberattacks on US federal agencies, which investigators have traced to China. The breach also comes at a time of heightened tension between Washington and Beijing over cyber-espionage and broader national security issues.

Telecom companies like these hold vast amounts of data from phone and internet communications. US law enforcement agencies often request access to specific data via court-approved warrants for use in criminal and national security investigations, some of which could be of significant interest to Beijing. In recent years, the US government has charged Chinese agents with harassing Chinese nationals living in the US and hacking American businesses and political dissidents.

AT&T, Lumen and Verizon have so far not responded to the reports. The Justice Department and FBI also declined to comment. Meanwhile, a spokesperson for the Chinese Embassy in Washington, DC, denied the accusations, claiming that reports of Chinese-backed hacking were "a distortion of the fact" and accusing the US of "politicizing cybersecurity issues to smear China."

According to WSJ sources, US officials have briefed both the House and Senate intelligence committees on the situation. Microsoft and Google-owned cybersecurity firm Mandiant have been involved in investigating the breach.

Investigators have been impressed by the hackers' skill, persistence, and ability to deeply infiltrate computer networks. The hacking group, known as Salt Typhoon within the cybersecurity community, is just one of several Chinese-backed groups capable of espionage or disrupting networks, according to US officials and cybersecurity experts.

Microsoft confirmed tracking Salt Typhoon's activities and providing customers with the necessary information to investigate. FBI Director Christopher Wray has previously stated that Chinese government-backed hackers outnumber FBI cyber personnel by 50 to 1.

In addition to Salt Typhoon, other Chinese hacking groups have allegedly infiltrated US transportation and communication networks, preparing to disrupt any US response to a potential Chinese invasion of Taiwan, according to US officials. Another group was accused of hacking unclassified email accounts of senior US diplomats last year, just before Secretary of State Antony Blinken's visit to China.