In a recent development, the Salt Typhoon Chinese hacker group has been exposed for conducting a spy operation by hacking into the networks of some of the largest telecommunication companies in the United States. Through this breach, the hackers were able to access sensitive data, including information related to Donald Trump, his headquarters, and individuals whose phones were under surveillance by the Ministry of Justice.
The FBI and CISA have confirmed that the attack also targeted government institutions such as the Ministry of Defense (DOD). Efforts are currently underway by the affected companies, in collaboration with cybersecurity specialists from the government, to contain the fallout from the hacking incident and bolster their defenses against future threats.
Sens. Ron Wyden and Eric Schmitt have raised concerns over the vulnerability of the Ministry of Defense’s telephone communications to espionage activities. In a letter addressed to the ministry, the senators highlighted that the department had been aware of security gaps with its telecommunication contractors as early as 2024 but had failed to address the issue adequately. While the ministry acknowledges its use of encryption for protection, the responsibility of mitigating certain threats like mobile device tracking rests with the operators themselves.
Although the companies have conducted security audits on their systems, they have balked at sharing the findings with the Pentagon, citing attorney-client privilege. This reluctance raises questions about the operators’ preparedness in dealing with cybersecurity threats effectively.
T-Mobile, one of the companies implicated in the Salt Typhoon attack, has denied any signs of compromise within its network. The company detected hacking attempts through a partner and managed to thwart further intrusion. T-Mobile attributes its success to substantial investments in security, including the adoption of two-factor authentication (2FA) with physical keys and enhanced network monitoring.
The incident underscores the systemic vulnerabilities present in the telecommunication infrastructure of the United States. Senators have called for a reassessment of contracts with operators to mandate more robust cybersecurity measures against such cyber threats.
The Chinese hacker group Storm-0227 initiated an attack on critical U.S. infrastructure and government entities starting December 5. The hackers have been active since January and continue their operations to this day.
Earlier, cybersecurity agencies from the United States, Australia, Canada, New Zealand