Salt Typhoon Compromised AT&T, Verizon, Lumen Technologies, Accessing US Govt Officials Comms
Published on November 14, 2024
Chinese state-affiliated hackers identified as Salt Typhoon, also known as GhostEmperor and FamousSparrow, reportedly extended their network penetration to target sensitive phone data linked to notable political figures, including Republican presidential candidate Donald Trump and vice presidential candidate JD Vance.
Reports from the New York Times, the Wall Street Journal, and Reuters indicate that the infiltration was facilitated through Verizon’s phone systems. The breach allegedly extends to prominent figures on Capitol Hill and staff members associated with Vice President Kamala Harris’s campaign.
The FBI and CISA have released a joint statement acknowledging the unauthorized access and have committed to an ongoing investigation to assess the scale and impact of the breach. They have assured the public that affected companies have been notified and provided with technical assistance to mitigate further threats.
While the extent of data accessed by the hackers remains unclear, the potential compromise of personal communications, including text messages, is a serious concern.
The breach follows a broader pattern of foreign interference, notably from China, Russia, and Iran, aimed at undermining U.S. democratic processes through cyberattacks and disinformation campaigns.
This incident is part of a broader context of escalating cyber threats against the U.S. election system, as highlighted by recent reports from Microsoft and other sources. Despite these threats, U.S. cybersecurity experts maintain that the integrity of the electoral infrastructure remains intact, with misinformation posing a greater challenge than technical vulnerabilities.
Jen Easterly, Director of CISA, reiterated this sentiment, emphasizing the robust security measures in place to ensure fair and secure elections. However, the breach at Verizon illustrates the persistent risks posed by sophisticated cyber adversaries and the imperative for continued vigilance and investment in cybersecurity measures.
This month, AT&T consented to a $13 million settlement with the Federal Communications Commission (FCC) following a significant data breach that compromised the personal information of approximately 9 million customers. This breach involved unauthorized access and sale of customer data by third-party vendors employed by AT&T.
In August, security researchers discovered that most Google Pixel and Android devices sold in Verizon stores have been shipped worldwide since 2017 with a problematic APK system file that lies dormant, offering excessive system privileges, permitting remote code execution and remote package installation.