8 US telcos compromised, FBI advises Americans to use encrypted communications

FBI and Cybersecurity and Infrastructure Security Agency (CISA) officials have advised Americans to use encrypted call and messaging apps to protect their communications from threat actors that have burrowed – and will burrow – into the networks and systems of US telecommunication companies.

NBC News reported that the advice was given during a conference call with the media on Tuesday, during which the official also shared that the compromise of the networks of multiple US telcos by the China-affiliated Salt Typhoon cyber spies is ongoing, and that they can’t predict when the attackers will be fully evicted.

The FBI and CISA officials said that Salt Typhoon:

  • Stole call records of subscribers (and focused on data related to calls made around the Washington, DC, area)
  • Intercepted phone calls and text messages of “specific targets” (in government and politics)
  • Accessed systems set up for court-ordered communication interception by law enforcement and intelligence agencies

Previous reports named AT&T, Verizon and Lumen Technologies as targets but the White House confirmed on Wednesday, as reported by CNN, that at least eight US telecommunications providers have been breached by the group.

The People’s Republic of China (PRC) government has denied involvement in the attacks.

Advice for telcos and citizens

On Tuesday, CISA, the NSA, the FBI and partner agencies from Five Eyes countries released a detailed guide to help network defenders and engineers of communications infrastructure enhance visibility into their networks and systems and harden them against cyber intruders.

While the guide refers to the Salt Typhoon cyberespionage campaign, the participating agencies surely expect other state-sponsored attackers to try to replicate that group’s success.

In the meantime – but also in general – the proffered advice to use end-to-end encrypted (E2E) text and voice communication apps makes sense, as it will prevent attackers from decrypting any intercepted communication.

Apps like Signal, Telegram, Wire, Threema, Meta’s Messenger and WhatsApp, Apple’s iMessage, Google Messages and others offer E2E encryption for messages and/or calls, some by default and others as an option.

Still, the FBI official’s advice did come as a surprise for many, as federal law enforcement agencies have in the past often complained about full end-to-end encryption stymieing investigations.

Law enforcement and intelligence agencies’ use of systems built by ISPs and telcos for lawful communication interception is also problematic, the Electronic Frontier Foundation (EFF) has recently pointed out again.

“There is no backdoor that only lets in good guys and keeps out bad guys. If [U.S. policymakers] care about China and other foreign countries engaging in espionage on U.S. citizens, it’s time to speak up in favor of encryption by default,” EFF’s Joe Mullin and Cindy Cohn urged.
