Late last year, most major U.S. telecoms were the victims of a massive, historic intrusion by Chinese hackers who managed to hack into U.S. communications networks and then spy on public U.S. officials for more than a year completely undetected. The “Salt Typhoon” hack was so severe, the intruders spent another year rooting around the ISP networks even after discovery. AT&T and Verizon, two of the compromised companies, initially didn’t think it was worth informing subscribers this happened.
Like most hacks, the scale of the intrusion was significantly worse than originally stated. And it keeps expanding. This week, lawmakers finally revealed that they only recently realized that the same Chinese hackers accessed email systems used by some staffers on the House China committee in addition to aides on the foreign affairs committee, intelligence committee, and armed services committee:
“The attacks are the latest element of an ongoing cyber campaign against US communication networks by the Ministry of State Security, China’s intelligence service. One person familiar with the attack said it was unclear if the MSS had accessed lawmakers’ emails.”
Which means that they almost definitely had access to lawmakers’ confidential emails, something it will take our Keystone-Cops-esque government another six months to admit.
It can’t be overstated what a complete and massive hack this was. The Chinese government had broad, historic access to the sensitive phone and email conversations of a massive number of sensitive U.S. public and government figures, for years. Thanks, in large part, to big telecoms like AT&T leaving key network access points “secured” with default administrative usernames and passwords.
Last June, NextGov reported that lawyers at big telecoms had started advising their engineers to stop looking for signs of Salt Typhoon intrusion because they were worried about bad press and liability. Due to this coverup and a lack of transparency by the dying U.S. government, it’s likely we still don’t know the full scope of the intrusions.
Meanwhile, the Trump administration has responded by gutting government cybersecurity programs (including a board investigating the Salt Typhoon hack), dismantling the Cyber Safety Review Board (CSRB) (responsible for investigating significant cybersecurity incidents), and firing oodles of folks doing essential work at the Cybersecurity and Infrastructure Security Agency (CISA).
Trump’s courts have made it impossible to hold telecoms accountable for privacy violations. His earlobe nibbler at the FCC, Brendan Carr, constantly undermines efforts to improve security in Chinese-made smart home devices, and is dismantling what little telecom oversight we had. Their big “win” on “national security” was transferring TikTok ownership to Trump’s unethical billionaire friends.
The Chinese hacked into most of our sensitive systems and spied on powerful people, across the entirety of U.S. governance, for years. The companies involved covered it up and the Trump administration’s “fix” was to destroy our cybersecurity protections and corporate oversight.
The press, with scattered exceptions, yawned and put the story on page four.
This generational damage to U.S. IT infrastructure will likely take decades to recover from, and we can’t even begin the process of a proper, competent audit (assuming we’re even capable of that) until Trump is removed from office. Even then, course correcting may not be possible without fixing Trump’s domination of the Supreme and 5th and 6th Circuit courts, which have proudly declared all corporate oversight to be illegal.