At least eight U.S. telecommunications companies and dozens of countries were affected this week by what a senior White House official called a Chinese hacking campaign, also raising concerns about the safety of text messaging.
In a media briefing Wednesday, U.S. National Security Adviser Ann Neuberger said the widespread hacking that gave authorities in Beijing access to the private text messages and phone conversations of an unspecified number of Americans. The details of the activities were revealed.
A hacker group known as Salt Typhoon has been blamed for attacks targeting businesses. AT&T, Verizon, Lumen Technologies. White House officials warned that the number of affected carriers and countries could rise further.
Canadian cybersecurity experts who are closely following this latest breach say industry practices and government regulations that allow intelligence agencies to access communications systems are part of the problem. . These experts and U.S. law enforcement officials recommend that people take steps to protect their text messages.
“The attacks unfolding in the United States reflect historic and continuing vulnerabilities in telecommunications networks around the world, some of which are exacerbated by governments.” said Kate Robertson, a senior research fellow at Anglo-American University. Citizen Lab in Toronto studies digital threats to civil society.
Although the hack appears to be targeting U.S. politicians and government officials, experts say that regular SMS text messages, such as those provided by most wireless carriers, are not encrypted, so He points out that it is not very safe.
“We’re constantly bombarded with concerns about phishing, email scams and malicious links,” said Andrew Kirsch, a security consultant and former intelligence officer with the Canadian Security Intelligence Service (CSIS).
“This highlights the fact that another vulnerability is occurring through communications, phone calls, and text messages.”
Impact on Canadian businesses still unknown
CBC News contacted the RCMP, the Canadian Center for Cyber Security and CSIS, to ask if any Canadian users or carriers were compromised in the cyberattack, but have not yet received a response.
Earlier this week, the Canadian Cyber Security Center announced: Joint release with the USin Australia and New Zealand, provides security advice to businesses such as mobile phone providers. “Improving visibility and strengthening communications infrastructure.”
CBC News also contacted Bell, Rogers and Telus, Canada’s largest mobile phone providers, to ask if their networks were targeted and compromised in the same attack. Rogers and Terrace did not respond prior to publication.
Bell is aware of a “highly sophisticated” attack in the US and is working with government partners and other telecommunications companies to “identify potentially related security incidents across our networks.” said.
The carrier said it had seen no evidence of an attack, but said it was “continuing to investigate and remain vigilant.”
How do these attacks occur?
Robertson explained that these attacks are made possible by governments “prioritizing surveillance objectives over the security of a user’s entire network.”
She said security researchers have found that legitimate “backdoors” used by governments to monitor crime and espionage through landlines and mobile phones can also be “exploited by unwanted attackers” and The company warned that the entire network could be at risk.
Gary Miller, a colleague at Citizen Lab who specializes in threats to mobile networks, says the interconnectivity between different companies and countries in communications networks is another weak point.
For example, making an international call from point A to point B requires interconnection between network operators, similar to international roaming for mobile phones, he said.
“And the fact that these networks need to be open to ensure a seamless experience for users actually introduces certain vulnerabilities.”
He says that as networks become faster and more reliable, they are also becoming more secure, but he points out that the telecommunications industry’s security standards required by law are not strong enough. I am.
“There is no accountability for this type of security or incident,” he said. “And that’s really what should happen.”
Concerns about text safety
The hack raised concerns about text message security.
The FBI said users using Android and Apple devices can continue to send texts to users using the same device because they have internal secure messaging systems.
But the agency warns against Apple users sending messages to Android users and vice versa, instead sending text messages through third-party apps that provide end-to-end encryption. We encouraged users to do this.
Robertson and Miller recommend having a messaging app like Signal or Whatsapp installed on your phone and using it at all times.
Robertson said Signal gives users access to the “gold standard form of encryption” that is very easy to use, noting that “a very similar thing can be said about WhatsApp.”
Miller said he prefers Signal because it is nonprofit, while WhatsApp is owned by Meta.
Kirsch recommends that if people are using regular text messaging, they should never write a message that would be “put on a postcard and physically mailed.” that. “
Political goals and China’s power
In November, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued the following statement: joint statement Confirmed existence of “extensive and significant cyber espionage” targeting the United States
Stephanie Carvin, an associate professor at Carleton University and a former national security analyst, said the hack shows how extensive and well-funded China’s spying operations for the West are.
“When you hear about an offense like this, there’s not one goal,” Carvin told CBC News. “Using this data, [China] You can do a lot of very specific things when it comes to targeting, but [it] You can also develop common patterns that will help you in your future operations. ”
Neuberger, the vice presidential national security adviser, said Salt Typhoon hackers were able to access communications of senior U.S. government officials, but he did not believe any confidential communications were compromised during a call with reporters. He said no.
Neuberger said all affected companies have responded, but have not yet stopped the hackers from accessing their networks.
“Therefore, until U.S. companies address their cybersecurity gaps, there is a continued risk of communications breaches,” he said.
A spokesperson for the Chinese embassy in Washington denied that China was involved in the hacking activity.
“The United States needs to stop cyberattacks against other countries and refrain from using cybersecurity to slander and slander China,” Liu Pengyu said.
