US network operators apparently targeted by Chinese cybercriminals
US network operators are said to have been targeted by a Chinese cyber espionage group. It is said to have penetrated surveillance systems.
(Image: Gorodenkoff/Shutterstock.com)
In a recently discovered cyberattack attributed to the Chinese government, the networks of several US network operators may have been infiltrated. AT&T, Verizon and Lumen Technologies, among others, could be affected. This was reported by the Wall Street Journal (WSJ), citing internal sources.
According to the report, the attack was only discovered in recent weeks. Security experts and the US government are investigating the incident. The campaign appears to be aimed at gathering information and is considered a potentially catastrophic security breach. So far, AT&T, Verizon or Lumen have not commented on the campaign to the WSJ.
Hackers had access to sensitive data
For several months or longer, the cybercriminals, dubbed Salt Typhoon, GhostEmperor or FamousSparrow, may have had access to network infrastructure , according to the WSJ. The attackers also had access to other, more general internet data. According to information from an entry in the Fraunhofer FKIE Malpedia database, a rootkit for Windows kernels called Demodex was used for this purpose.
The potentially affected surveillance systems are used to cooperate with requests for domestic information in the context of criminal and national security investigations. It is unclear whether systems that support foreign intelligence surveillance were also affected by the intrusion.
(mack)