US says ‘Salt Typhoon’ Chinese hacking group behind major metadata theft | Cybersecurity News

5 December 2024Last Update :
US says ‘Salt Typhoon’ Chinese hacking group behind major metadata theft | Cybersecurity News

Senior US official says that dozens of telecoms providers around the world have been targeted as China slams cybersecurity ‘slander’.

Chinese hackers have stolen the metadata of a large number of Americans in a wide-ranging cyber-espionage campaign that has targeted at least eight United States telecom firms, as well as dozens of other countries, officials say.

Deputy national security adviser Anne Neuberger said on Wednesday that the hacking group, dubbed Salt Typhoon, gained access to communications of senior US government officials and political figures, but that “classified communications” had not been compromised.

A senior official, speaking while US government agencies gave senators a closed-door briefing on the matter on Wednesday, said “the Chinese government” had focused on “a large number of individuals” in the ongoing campaign, which has targeted dozens of telecommunications and telecom infrastructure companies around the world, including “at least” eight US providers.

This is not the first alleged Chinese breach of US data. In October, federal authorities confirmed hackers linked to China targeted then-presidential candidate Donald Trump and running mate JD Vance, along with people associated with Vice President Kamala Harris.

US officials have previously alleged Chinese hackers hacked Verizon, AT&T, T-Mobile, Lumen and others. T-Mobile said it does not believe hackers got access to its customer information. Lumen said there is no evidence customer data was accessed on its network.

On Tuesday, the Chinese embassy in Washington rejected accusations that it was responsible for the hack after US federal authorities issued new guidance for telecom companies on areas like encryption and monitoring.

“The US needs to stop its own cyberattacks against other countries and refrain from using cybersecurity to smear and slander China,” embassy spokesperson Liu Pengyu said.

Call record metadata does not include the content of a call but can include who a call was placed to, how long it lasted, and where it was made from. Even without the content, call record metadata – especially when captured in bulk – can reveal extraordinarily granular details about a person’s life, work and intimate relationships.

A Senate commerce subcommittee will hold a hearing on December 11 on Salt Typhoon and security threats to communications networks.