Chinese Cyber Espionage Group Salt Typhoon Targets AT&T and Verizon

The Chinese-linked Salt Typhoon cyberespionage operation focused on a select group of individuals deemed to be of foreign intelligence interest. It targeted the systems of AT&T and Verizon; however, the wireless carriers' U.S. networks are now secure as they collaborate with law enforcement and government authorities."We detect no activity by nation-state actors in our networks at this time," an AT&T spokesperson stated. "Based on our ongoing investigation of this attack, it appears that the People's Republic of China targeted a limited number of individuals who are of foreign intelligence interest."

Although only a few instances of compromised information were identified, AT&T has been actively monitoring its systems and taking remedial actions to safeguard customer data. The spokesperson emphasized that the company remains committed to ensuring the security of its networks and continues to collaborate closely with law enforcement and government authorities. This ongoing partnership aims to fully assess the scale of the threat, implement measures to mitigate any potential risks, and bolster the resilience of its infrastructure against future cyber threats.

"We have not detected any threat actor activity in Verizon's network for some time," said Verizon's chief legal officer in a statement. "After extensive efforts to address this incident, we can confirm that Verizon has contained the activities related to this particular breach."Verizon also noted that an independent, highly respected cybersecurity firm had confirmed the containment of the incident.On December 27, U.S. officials added a ninth unnamed telecom company to the list of entities compromised by the Salt Typhoon hackers.

The Chinese cyber actors had gained extensive access to the networks, granting them the ability to "geolocate millions of individuals and record phone calls at will."In response to these incidents, the U.S. Department of Defense and the Federal Communications Commission did not immediately provide comments on Verizon’s statements. Similarly, China's foreign ministry was not immediately available for comment.Chinese officials have previously dismissed these allegations, labeling them as disinformation, and reiterated that Beijing "firmly opposes and combats cyberattacks and cyber theft in all forms."

Earlier, U.S. officials had claimed that hackers targeted Verizon, AT&T, Lumen, and other telecom companies, stealing telephone audio intercepts and large volumes of call record data. In response to the cyberattack, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a directive on December 18, urging senior government officials and political figures to transition to end-to-end encrypted apps for mobile communications to enhance security.

Reports indicate that the Salt Typhoon hacking operation targeted individuals linked to the presidential campaigns of Democrat Kamala Harris and Republican Donald Trump.During a December 11 hearing, Senator Ben Ray Luján, a Democrat from New Mexico, referred to Salt Typhoon as "the largest telecommunications hack in our nation's history." Meanwhile, Senator Ted Cruz, a Republican from Texas, stressed the urgency for the U.S. to "plug any vulnerabilities in communications networks."

As the scope of the Chinese cyberattack on U.S. telecommunications networks continues to unfold, there is growing concern about the scale and implications of the breach. Lawmakers and experts are increasingly questioning when both companies and the government will be able to reassure the American public regarding the security of their communications infrastructure.