At least eight U.S. telecommunications companies and dozens of countries were affected this week by what a senior White House official called a Chinese hacking campaign, also raising concerns about the safety of text messaging.
In a media briefing on Wednesday, US Vice Presidential Security Adviser Anne Neuberger said that a widespread hacking operation has given authorities in Beijing access to private text messages and phone conversations of unidentified Americans. details have been revealed.
A hacker group known as Salt Typhoon has been blamed for attacks targeting businesses. AT&T, Verizon, Lumen Technologies. White House officials warned that the number of affected carriers and countries could rise further.
Canadian cybersecurity experts closely following this latest breach say industry practices and government regulations that allow intelligence agencies to access communications systems are part of the problem. . These experts and U.S. law enforcement officials recommend that people take steps to protect their text messages.
“The attacks unfolding in the United States reflect historic and continuing vulnerabilities in telecommunications networks around the world, some of which are exacerbated by governments.” said Kate Robertson, a senior research fellow at Anglo-American University. Citizen Lab in Toronto studies digital threats to civil society.
Although the hack appears to be targeting U.S. politicians and government officials, experts say that regular SMS text messages, such as those provided by most wireless carriers, are not encrypted, so He points out that it is not very safe.
“We’re constantly bombarded with concerns about phishing, email scams and malicious links,” said Andrew Kirsch, a security consultant and former intelligence officer with the Canadian Security Intelligence Service (CSIS).
“This highlights the fact that another vulnerability is occurring through communications, phone calls, and text messages.”
Government agency ‘not aware’ Canadian networks are affected
The Canadian Communications Security Agency (CSE), which provides information technology security and foreign signals intelligence to the federal government, said in a statement Saturday that it is “not aware of any Canadian networks affected by this activity” at this time.
The agency further said that the Canadian Cyber Security Center, part of CSE, “works closely with Government of Canada partners and critical infrastructure providers to help protect networks and systems from cyber threats.”
Earlier this week, the Canadian Cyber Security Center announced: Joint release with the USin Australia and New Zealand, provides security advice to businesses such as mobile phone providers. “Improving visibility and strengthening communications infrastructure.”
CBC News also contacted Canada’s largest mobile phone providers, Bell, Rogers and Telus, to ask if their networks were targeted and compromised in the same attack. Rogers and Terrace did not respond prior to publication.
Bell said it was aware of “highly sophisticated” attacks in the U.S. and was working with government partners and other carriers to “identify potentially related security incidents across our networks.” said.
The carrier said it had seen no evidence of an attack but “continues to investigate and remain vigilant.”
How do these attacks occur?
Robertson said these attacks are possible in part because governments “prioritize surveillance objectives over the security of a user’s entire network.”
He said security researchers have found that legitimate “backdoors” used by governments to monitor crime and espionage through landlines and mobile phones can also be “exploited by unwanted attackers” to steal users’ lives. It said it had warned that its entire network could be at risk.
Gary Miller, a colleague at Citizen Lab who specializes in threats to mobile networks, said interconnectivity between different companies and countries in communications networks is another weak point.
For example, making an international call from point A to point B requires interconnection between network operators, similar to international roaming for mobile phones, he said.
“And the fact that these networks need to be open to ensure a seamless experience for users actually introduces certain vulnerabilities.”
Miller points out that as networks become faster and more reliable, they also become more secure, but the telecommunications industry’s security standards mandated by law are not strong enough.
“There is no accountability for this type of security or incident,” he said. “And that’s really what should happen.”
Concerns about text safety
The hack raised concerns about text message security.
The FBI said users using Android and Apple devices can continue to send texts to users using the same device because they have internal secure messaging systems.
But the agency warns against Apple users sending messages to Android users and vice versa, instead sending text messages through third-party apps that provide end-to-end encryption. We encouraged users to do this.
Robertson and Miller recommend having a messaging app like Signal or WhatsApp installed on your phone and using it at all times.
Robertson said Signal provides users with access to a “gold standard form of encryption” that is very easy to use, noting that “a very similar thing can be said about WhatsApp.”
Miller said he prefers Signal because it is nonprofit, while WhatsApp is owned by Meta.
Kirsch, a former CSIS employee, said that if people are using regular text messaging, he recommends never writing a message and never “putting it on a postcard and physically mailing it.” to control it. ”
Political goals and China’s power
In November, the FBI and the Cybersecurity and Infrastructure Security Agency joint statement Confirmed existence of “extensive and significant cyber espionage” targeting the United States
Stephanie Carvin, an associate professor at Carleton University in Ottawa and a former national security analyst, said the hack shows how extensive and well-funded China’s espionage operations targeting Western countries are. said.
“When you hear about an offense like this, there’s not one goal,” Carvin told CBC News. “Using this data, [China] You can do a lot of very specific things when it comes to targeting, but [it] You can also develop common patterns that will help you in your future operations. ”
Neuberger, the vice presidential national security adviser, said the Salt Typhoon hackers were able to access communications of senior U.S. government officials, but he did not believe any confidential communications were compromised during a call with reporters. He said no.
Neuberger said all affected companies have responded, but have not yet blocked the hackers from accessing their networks.
“Therefore, until U.S. companies address their cybersecurity gaps, there is a continued risk of communications breaches,” he said.
A spokesperson for the Chinese embassy in Washington denied that China was involved in the hacking activity.
“The United States needs to stop cyberattacks against other countries and refrain from using cybersecurity to slander and slander China,” Liu Pengyu said.
