US Officials Race To Understand Severity of China's Salt Typhoon Hacks (msn.com) 18
U.S. officials are racing to understand the full scope of a China-linked hack of major U.S. broadband providers, as concerns mount from members of Congress that the breach could amount to a devastating counterintelligence failure. From a report: Federal authorities and cybersecurity investigators are probing the breaches of Verizon Communications, AT&T and Lumen Technologies. A stealthy hacking group known as Salt Typhoon tied to Chinese intelligence is believed to be responsible. The compromises may have allowed hackers to access information from systems the federal government uses for court-authorized network wiretapping requests, The Wall Street Journal reported last week.
Among the concerns are that the hackers may have essentially been able to spy on the U.S. government's efforts to surveil Chinese threats, including the FBI's investigations. The House Select Committee on China sent letters Thursday asking the three companies to describe when they became aware of the breaches and what measures they are taking to protect their wiretap systems from attack. Spokespeople for AT&T, Lumen and Verizon declined to comment on the attack. A spokesman at the Chinese Embassy in Washington has denied that Beijing is responsible for the alleged breaches.
Combined with other Chinese cyber threats, news of the Salt Typhoon assault makes clear that "we face a cyber-adversary the likes of which we have never confronted before," Rep. John Moolenaar, the Republican chairman of the House Select Committee Committee on China, and Raja Krishnamoorthi, the panel's top Democrat, said in the letters. "The implications of any breach of this nature would be difficult to overstate," they said. Hackers still had access to some parts of U.S. broadband networks within the last week, and more companies were being notified that their networks had been breached, people familiar with the matter said. Investigators remain in the dark about precisely what the hackers were seeking to do, according to people familiar with the response.
Among the concerns are that the hackers may have essentially been able to spy on the U.S. government's efforts to surveil Chinese threats, including the FBI's investigations. The House Select Committee on China sent letters Thursday asking the three companies to describe when they became aware of the breaches and what measures they are taking to protect their wiretap systems from attack. Spokespeople for AT&T, Lumen and Verizon declined to comment on the attack. A spokesman at the Chinese Embassy in Washington has denied that Beijing is responsible for the alleged breaches.
Combined with other Chinese cyber threats, news of the Salt Typhoon assault makes clear that "we face a cyber-adversary the likes of which we have never confronted before," Rep. John Moolenaar, the Republican chairman of the House Select Committee Committee on China, and Raja Krishnamoorthi, the panel's top Democrat, said in the letters. "The implications of any breach of this nature would be difficult to overstate," they said. Hackers still had access to some parts of U.S. broadband networks within the last week, and more companies were being notified that their networks had been breached, people familiar with the matter said. Investigators remain in the dark about precisely what the hackers were seeking to do, according to people familiar with the response.
You built a backdoor... (Score:5, Insightful)
These attacks were basically the Chinese tapping into the FBI/NSA (illegal) wiretapping boxes that ISPs, Universities and data centers are obliged to install (I've seen a few of them).
As Alanis Morissette would say: isn't it ironic.
Re:You built a backdoor... (Score:5, Informative)
Who needs a backdoor to undermine U.S. intelligence efforts when it's handed over [imgur.com] like a present.
Re: (Score:2)
The Justice Department found 'incredibly sensitive' material on active spies [telegraph.co.uk] at Mar-A-Lago.
“The HCS control system protects human intelligence-derived information, and information relating to human intelligence activities, capabilities, techniques, processes, and procedures.”
Steve Hall, former CIA chief of Russia operations, said: “That’s basically information from human spies. ‘HCS’ stuff, basically, means there’s information in those boxes in the basement in Mar-a-Lago that pertain to, or potentially came from, human sources, human spies.
“In the case of human sources, they usually get imprisoned, or if it’s Russia or another authoritarian society they’re oftentimes simply executed. That type of information is incredibly sensitive.”
He added: “As a former CIA guy it sends chills up and down my spine that there’s HCS information in somebody’s basement. It's really, really bad.”
We know for a fact the convicted felon revealed a highly classified, undercover source of information [npr.org] from one of our allies to Russian diplomats in 2017. Further, in that same year, because he was willingly handing over classified informaiton to his Russian handlers, we had to extract a source of information from within the Russian government [cnn.com] to prevent the source from being known.
Then there was the binder full of c
Re: (Score:2)
On the bright side, from now on everyone will be able to refer to this incident whenever a government wants to introduce a backdoor in secure messaging. Something like this:
"Oh, so you want a repeat of the Salt Typhoon incident! Why are you trying to undermine the country's safety? Are you a Chinese spy? How much are they paying you!?"
Wash, rinse, and repeat, until it gets across.
Re: (Score:1)
You can buy them too, these days they are just regular white box switches or servers, rarely do you see something custom built like this https://apcon.com/technologies... [apcon.com] - which is part of the problem, they aren't obscure enough, they are just Linux boxes with management plugged into the Internet, supposedly updated and secured by the government (which basically means the most insecure box in your infrastructure) fairly sure the Chinese just stumbled across one by accident.
Re: (Score:3)
Indeed. Not only you can spy on your people, the rest of the world can do so too!
What a complete fail at IT risk management. Must be moron-fanatics in charge.
Re: (Score:2)
You're assuming that they were actually paying attention to what they were told and believed it. Being that they're all politicians and therefore don't understand IT, I find that hard to believe. Much more likely their minds were wandering during the briefing and they quickly forgot it as something that didn't fit into their world view.
Re: (Score:2)
Internet communications? (Score:3)
Don't we assume that *any* unencrypted communications on the internet can be intercepted anyways? Or saved for later?
It's the internet...
Re: (Score:2)
Who's at fault? (Score:2)
If the NSA hacks China, is the NSA at fault or is it China's fault for failing to keep them out? China has laws that make this a criminal act, and the US government has no qualms breaking those laws.
We hack China. China hacks us. This is the norm.
Our job is to keep them out. If we are too stupid to keep them out, we get what we deserve.
Re: (Score:2)
Every last one (Score:5, Insightful)