The FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued a statement on Wednesday saying that Salt Typhoon’s recent hacks into commercial telecommunications infrastructure in the United States have affected “a limited number of individuals who are primarily involved in government or political activity.”
Last month, the two agencies said they were investigating the China-linked hacking group’s recent infiltration of commercial telecommunications infrastructure to target President-elect Donald Trump; Vice President-elect Sen. JD Vance, R-Ohio; and associates of Vice President Kamala Harris.
In their Nov. 13 statement, the FBI and CISA said their ongoing investigation “has revealed a broad and significant cyber espionage campaign.”
“Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders,” they said. “We expect our understanding of these compromises to grow as the investigation continues.”
In early October, a report from the Wall Street Journal revealed that the China-linked hackers may have accessed the wiretapping systems of AT&T, Verizon, and Lumen.
Later that month, the Department of Homeland Security’s (DHS) Cyber Safety Review Board (CSRB) announced that it would launch an investigation into the China-sponsored infiltrations.
CSRB is a public-private initiative that brings together government and industry leaders to better understand significant cybersecurity events. The board investigates root causes, mitigations, and responses, and then issues recommendations based on its findings. CISA manages, supports, and funds the board.
The hack has also garnered attention from members of Congress, including Senate Intelligence Committee Chairman Mark Warner, D-Va.
“I think we will see that Salt Typhoon is one of the biggest breaches potentially ever. But I don’t think it was in any way geared towards the election,” Sen. Warner said on Oct. 31. “I mean, the cyber activities of our adversaries, they get better all the time.”
Sen. Warner said he has talked with House Intelligence Committee Chairman Mike Turner, R-Ohio, about how, after the election, “we really need a rethink on policy around offensive use of cyber, how we think about we go after our adversaries.”
