Massive cyberattack on US providers: Attacks are still continuing
In the fall, the worst telecommunications hack in US history was discovered. The attackers have not yet been stopped, quite the opposite.
(Image: asharkyu/Shutterstock.com)
The suspected Chinese hacking group behind the devastating cyberattack on several major providers in the US is reportedly still active, and compromised five more telecommunications companies between December and January. This was reported by TechCrunch, citing the cybersecurity firm Recorded Future. According to the firm, the Chinese group infiltrated the US subsidiary of a well-known British group, a US internet provider and telecommunications companies in Italy, South Africa and Thailand. The group would collect information from other systems. And this despite the fact that the cyberattack was discovered in the fall.
Official investigations abruptly halted
According to the report, Recorded Future does not believe that the attacks will come to an end, even though the attack was discovered at the beginning of October. At that time, it was reported that attackers suspected of being in the service of the Chinese government had succeeded in compromising the networks of AT&T, Verizon, T-Mobile and other providers. The group called “Salt Typhoon”, “GhostEmperor” or “FamousSparrow” was apparently involved in gathering information. It was the “largest telecommunications hack in US history — by far”, said the chairman of the Senate committee responsible for intelligence services in November.
Videos by heise
The government investigation into the cyberattack came to an abrupt halt at the end of January when the new US government dismissed all non-government appointees to various advisory bodies. This effectively stalled the Cyber Safety Review Board's investigation into the attack. The CSRB has been existing since 2022 and is staffed by the cybersecurity agency CISA. Government institutions such as the NSA intelligence agency and the Ministry of Justice were actually represented on the board, as well as private sector players such as Google and cybersecurity companies. The assembled expertise is intended to investigate particularly serious cybersecurity incidents.
(mho)
