China's cyber spies intercept phone data and calls from US network operators
Chinese cyber spies infiltrated US network operators. Conversations and data from government and politicians were intercepted, as were police wiretaps.
Commercial network operators in the USA such as AT&T and Verizon have fallen victim to Chinese cyber spies. The attackers, supported by the Chinese government, have gained access to customer phone records and data as well as private communication data of politicians and government officials. Even court-authorized wiretaps carried out by police authorities were intercepted. The FBI and the US cyber security agency CISA describe it as a "comprehensive and significant cyber espionage campaign".
With this statement, the FBI and CISA (Cybersecurity and Infrastructure Security Agency) have confirmed what had previously been reported. At the beginning of October, it was reported that AT&T, Verizon and others had allegedly been infiltrated by a Chinese espionage group. The campaign appears to be aimed at information gathering and is considered a potentially catastrophic security breach, because the cybercriminals could have had access to network infrastructure for several months or longer.
Trump and his vice president targeted by spies
The joint statement from the FBI and CISA does not provide details on the scope and duration of the cyberattack, but the attackers' connection to the People's Republic of China is mentioned several times. The investigation into the incidents is ongoing and affected victims are being informed. Names are not mentioned, but the cyber spies targeted Donald Trump, who has just been elected US President, and his Vice President-elect J.D. Vance, writes Politico.
According to the report, the cyber spies had access to the phone data of several million Americans, but not every single person was monitored. The attackers were initially looking for around 40 victims to spy on. However, this number has now increased and could even include more than a thousand individuals, according to reports. In total, around 10 telecommunications companies were affected, including Verizon, AT&T and Lumen Technologies.
Failure in counterintelligence
The cybercriminals responsible for the attack are known as "Salt Typhoon", "GhostEmperor" or "FamousSparrow". In addition to gaining access to network infrastructure, the attackers also had access to other, more general Internet data. According to an entry in the Fraunhofer FKIE Malpedia database, a Windows kernel rootkit called Demodex was used.
Observers describe this cyberattack on US network operators as a serious error in counterintelligence. After all, government agencies are also affected, so it can be assumed that sensitive data may also have been tapped.
(fds)