The hackers, part of a group dubbed Salt Typhoon, have been able to listen in on audio calls in real time and have in some cases moved from one telecom network to another, exploiting relationships of “trust,” said Sen. Mark R. Warner (D-Virginia), chairman of the Senate Intelligence Committee and a former telecom venture capitalist. Warner added that intruders are still in the networks.
Though fewer than 150 victims have been identified and notified by the FBI, most of them in the D.C. region, the records of people those individuals have called or sent text messages to run into the “millions,” he said, “and that number could go up dramatically.”
...
Those details, some previously undisclosed, add to the alarming understanding of the scope of the hack since late September, when the U.S. government, after being alerted by industry, began to grasp its seriousness. “The American people need to know” how serious the intrusion is, Warner said.
The hackers targeted the phones of Donald Trump and his running mate, Sen. JD Vance of Ohio, as well as people working for the campaign of Vice President Kamala Harris and State Department officials.
The effort was not directly election-related, Warner noted, as the hackers got into the telecom systems months earlier — in some cases more than a year ago.
...
The networks are still compromised, and booting the hackers out could involve physically replacing “literally thousands and thousands and thousands of pieces of equipment across the country,” specifically outdated routers and switches, Warner said.
“This is an ongoing effort by China to infiltrate telecom systems around the world, to exfiltrate huge amounts of data,” he said.
...
Hackers have acquired access to the system that logs U.S. law enforcement requests for criminal wiretaps, allowing the Chinese to know who is of interest to authorities. There is no evidence so far that hackers have compromised the collection system itself through which law enforcement listens in on wiretapped calls, said U.S. officials, speaking on the condition of anonymity because of the matter’s sensitivity.
...
The calls on which Chinese hackers were able to listen in were not part of the “lawful intercept,” or wiretap, system, officials said. But hackers also had access to unencrypted communications, including text messages. End-to-end encrypted communications such as those on the Signal platform are believed to be protected, officials said.
...
So far, the hack is known to have affected major U.S. firms such as AT&T, Verizon and T-Mobile, U.S. and industry officials said.
“This is massive, and we have a particularly vulnerable system,” Warner said. “Unlike some of the European countries where you might have a single telco, our networks are a hodgepodge of old networks. ... The big networks are combinations of a whole series of acquisitions, and you have equipment out there that’s so old it’s unpatchable.”
Unlike some of the European countries where you might have a single telco
What a hack, trying to blame it on this.
There are three European countries with a single telco:
Andorra, a microstate.
Gibraltar, a micro province.
Monaco, a microstate.
Even the Faroe Islands have three.
The system is a sieve and it's not because it's a hodgepodge of telcos.
Seems like info WaPo should have inserted had they been diligent.
Single Google search to verify by the way.
This seems like a major news story that I've been sleeping on. But I did share a previous Washington Post article about a similar-sounding hack on August 27:
Chinese government hackers penetrate US internet providers to spy
I'm not sure if it's the same. That article refers to "Volt Typhoon".
And it seems the Wall Street Journal reported on this on October 5th:
U.S. Wiretap Systems Targeted in China-Linked Hack - (archive)
Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.
The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said.
So, I guess, you can assume China is listening to your phone calls now, if they want?
This article explains a little more about the code names:
There are several "typhoon" threats, the moniker used by Microsoft in order to track different Chinese-backed campaigns based on their tactics and procedures.
Salt Typhoon has been active since 2020, according to Microsoft research cited by the Journal.
Volt Typhoon has persistently infiltrated U.S. infrastructure, with reports showing that attackers maintained access to critical U.S. systems for "at least five years."
Flax Typhoon targets home routers, firewalls, storage devices, and Internet of Things devices like cameras and video recorders and has been active since 2021, according to the Department of Justice.
booting the hackers out could involve physically replacing “literally thousands and thousands and thousands of pieces of equipment across the country,” specifically outdated routers and switches
Given that the US doesn't really have separate networks for civilian and military use... this is pretty alarming!
They do to a point, but expounding on that seems like a poor idea at the present lol.
My concern isn't so much the network segregation as it is how many people ignore security for the sake of convenience. All the cool guy gear in the world means nothing if no one uses it. (Or if it's so cumbersome they decide they can be secure by "encoding" their conversations. I've seen that from a few folks who were senior enough to know way better)
I mean as I understand it not really; any serious security is usually done with the assumption that internet communications are compromised. The real issue is how we still don’t have E2EE on calls and texts.
Because governments and law enforcement have been fighting against it tooth and nail.
https://www.lawfaremedia.org/article/end-to-end-encryption-is-a-critical-national-security-tool
https://www.bbc.com/news/59964656
Well, they can reap what they sow then.
I don't think there's any way to put encryption on GSM calls / SMS messages without fundamentally replacing the protocols entirely. (And to do that is so much work that it's definitely not worth it.)
RCS is basically achieving encrypted replacement of SMS. iMessage achieved it for text chat with Apple customers a long time ago. The last holdout is Android to iOS RCS, which is rumored to be coming in the next year. SMS/MMS will still be available as a backup, of course.
You make it sound like this is Android's fault. It's Apple's: iOS 18 (released in Sept. 2024) is the first time they've implemented it.
https://www.engadget.com/what-is-rcs-and-how-is-it-different-from-sms-and-imessage-202334057.html
That wasn't my intention, but I understand how that conclusion could be drawn from my listing Android first in the sentence. Thank you for providing additional context.
Yeah exactly.
Don’t we partially have these things? We could use Signal (I have it installed), but mostly we don’t. Also, iMessage is pretty popular and supposedly end-to-end encrypted.
iMessage is a big part of the problem, sadly, because 50% of America uses Androids and does not get the automatic upgrade to E2EE. That, and iMessage may fail and downgrade to non-E2EE RCS for any number of reasons, including your phone being dropped and the SIM card moving out of place for a second.
There, in my opinion, have to be active campaigns by agencies like the NSA for adoption of things like Signal OR legal requirements to have E2EE RCS on network operators and Apple. Unfortunately, the surveillance state decided that it helps more than it hurts to have things not be encrypted.
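The carrier-in-the-middle model this sub-thread argues over, as an added example (not code from the thread or from any messenger it names): two phones exchange a message, and the Envelope that crosses the carrier is what the operator, the lawful-intercept system, or an intruder inside the network gets to see. Without a peer key the phone either refuses to send or quietly falls back to plaintext SMS, the silent downgrade the comment above describes; with a key (X25519 agreement and AES-256-GCM from the Go standard library) the carrier sees only ciphertext, and the addressing is bound into the tag so a re-routed message fails to decrypt. The Pair function, the names alice/bob and the message strings are constructed for the demo; the single sha256 key derivation and the out-of-band key exchange are simplifications, not how any real messenger does it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what crosses the carrier: addressing is always in the clear, and
// the payload is plaintext unless the two phones encrypted it themselves.
type Envelope struct {
	From, To string
	E2EE     bool
	Payload  []byte
}

// Client is a phone; peerPub stays nil until Pair ran with the other phone.
type Client struct {
	Name    string
	priv    *ecdh.PrivateKey
	peerPub *ecdh.PublicKey
}

// Pair generates each phone's X25519 key and swaps the public halves outside the
// carrier (hypothetical stand-in for a key server plus safety-number check).
func Pair(a, b *Client) (err error) {
	if a.priv, err = ecdh.X25519().GenerateKey(rand.Reader); err != nil {
		return err
	}
	if b.priv, err = ecdh.X25519().GenerateKey(rand.Reader); err != nil {
		return err
	}
	a.peerPub, b.peerPub = b.priv.PublicKey(), a.priv.PublicKey()
	return nil
}

// aead derives AES-256-GCM from the X25519 shared secret: both phones compute the
// same secret, so both hold the key and the carrier never does (simplified; real
// protocols add HKDF with transcript binding and a per-message ratchet).
func (c *Client) aead() (cipher.AEAD, error) {
	if c.peerPub == nil {
		return nil, errors.New("no key for peer")
	}
	shared, err := c.priv.ECDH(c.peerPub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(shared)
	block, _ := aes.NewCipher(key[:]) // 32-byte key: cannot fail
	return cipher.NewGCM(block)
}

// Send encrypts end to end when a peer key is known; without one it refuses
// (allowFallback=false) or quietly drops to plaintext SMS: the silent downgrade.
func (c *Client) Send(to, msg string, allowFallback bool) (Envelope, error) {
	env := Envelope{From: c.Name, To: to, Payload: []byte(msg)}
	g, err := c.aead()
	if err != nil {
		if !allowFallback {
			return Envelope{}, fmt.Errorf("refusing plaintext fallback to %s: %w", to, err)
		}
		return env, nil
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	// Addressing is associated data: re-routing the ciphertext breaks the tag.
	env.E2EE, env.Payload = true, g.Seal(nonce, nonce, []byte(msg), []byte(c.Name+"->"+to))
	return env, nil
}

// Receive returns the text; a tampered or re-addressed E2EE envelope fails
// authentication instead of decrypting.
func (c *Client) Receive(env Envelope) (string, error) {
	if !env.E2EE {
		return string(env.Payload), nil
	}
	g, err := c.aead()
	if err != nil {
		return "", err
	}
	ns := g.NonceSize()
	if len(env.Payload) < ns {
		return "", errors.New("short ciphertext")
	}
	pt, err := g.Open(nil, env.Payload[:ns], env.Payload[ns:], []byte(env.From+"->"+env.To))
	return string(pt), err
}

func main() {
	alice, bob := &Client{Name: "alice"}, &Client{Name: "bob"}
	sms, _ := alice.Send("bob", "meet at 9", true) // no peer key yet: plain SMS
	_ = Pair(alice, bob)                            // out-of-band key exchange
	env, _ := alice.Send("bob", "secret plan", false)
	got, _ := bob.Receive(env)
	fmt.Printf("carrier sees %q and %x; bob reads %q\n", sms.Payload, env.Payload, got)
}
```

The point of the allowFallback flag is the failure mode discussed above: a client that falls back on its own turns a transient key-lookup failure into a plaintext message on the carrier, so the decision to downgrade belongs to the user, not to the transport.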
Abusing an intentional "backdoor" setup for law enforcement is not really "hacking." I tend to have an issue with the way the media describes these types of incidents. I get that I am in a minority in that I understand these technical concepts and issues better than most but at the same time by reusing terminology across multiple outcomes ("hacking" in and of itself is not good or bad - it can be used for both) muddies the water and makes it harder for regular people to understand the issues at large.
For example, the phrasing in this particular instance shifts the blame from choices we make as a society (providing backdoors for the "good guys") to an external entity (Chinese "hackers") and makes normal people think that this took some herculean effort when in reality they just stole some credentials to a system to request this type of access, then abused it for their own purposes. The discussion we should be having is if providing this level of access at all is a good thing or not. Instead it'll get spun into a diplomatic issue between the Chinese and the US without any of the underlying discussions about why this could happen in the first place.
Abusing an intentional "backdoor" setup for law enforcement is not really "hacking."
I'd say it is. Abusing flaws in built-in systems is a huge part of hacking. Yes, some of it is literally unintentional ("hey, I found a way to overload the memory here so I can RCE here..."), but a lot of it stems from stuff like "so this Captain Crunch whistle emits the right tone to get free long distance", which all stems from abuse of existing protocols.
I don't know how this hack worked. For example, why do they say that many routers will need to be replaced?
Do you know of a good explanation?
Looking into it myself, I came across this article from the National Motor Freight Traffic Association, which seems a weird resource but has a very good explanation (and even lists its sources at the end).
Haha, so bizarre to find such a specific and high quality article on a website so peripherally related. And yet here we are.
why do they say that many routers will need to be replaced
Realistically this is because there is a lot of different equipment (model numbers * manufacturers). It is costly to make firmware updates and at some point things become deprecated.
For simple equipment a patch to fix this might be relatively small--certain government agencies might even already have patches for these backdoors but they aren't going to make that information public so we all have to suffer.
It takes 4-8 hours just to check if a single line (voice-only phoneset + wires) is bugged. So it also might just be the case that it's cheaper to replace it but it still takes time to replace equipment.
And this comes on the heels of the new director of Homeland Security wanting to get rid of the US cyber security agencies like CISA and others. So I see this continuing to be a problem for the US.
Related to the article. I'm not surprised. Chinese APT (advanced persistent threat) groups like targeting both critical and non-critical portions of US companies and networks and will continue to do so. I'm actually part of a civilian IR group who helps small/local infrastructure and other government entities with IR. We have helped a couple of small cities recover from the business end of APTs, Volt Typhoon being one of them, and most IR training relates to how to ID and respond to PRC APTs.
marco rubio isn’t a “top” anything. i don’t even know what a “top” congress person is. i assume it’s whatever the person using that term thinks it is.
few people in congress are tech literate. most just jump on whatever is popular and/or bribes them best.
He's the Vice Chair of the Select Committee on Intelligence. When it comes to Intel, he's a top senator.
Very true, and on top of that some ideas floating around of getting rid of secure comm channels. What a waste land.