WASHINGTON (AP) — Federal authorities have called on telecommunications companies to strengthen their network security following a broad cyberespionage campaign orchestrated by Chinese hackers. The hacking effort, which granted officials in Beijing access to private communications, including phone calls and text messages, targeted an unknown number of Americans.
The FBI, along with the Cybersecurity and Infrastructure Security Agency (CISA), issued new guidelines aimed at eliminating the hackers’ access and preventing future cyberattacks. Despite extensive investigations, U.S. officials have stated that the full scope of China’s cyber operations remains unclear, including whether the hackers continue to hold access to U.S. networks.
The U.S. government’s warning was issued jointly with security agencies in New Zealand, Australia, and Canada, part of the Five Eyes intelligence alliance, which also includes the U.K. and the U.S. The international collaboration highlights the extensive reach of the Chinese hacking campaign, which has targeted telecom networks globally.
Known as Salt Typhoon by cybersecurity analysts, the cyberespionage campaign first came to light earlier this year. Hackers infiltrated telecommunications networks to extract metadata on a large number of customers, including call and text timestamps, as well as recipient information. In a smaller subset of cases, the hackers accessed the actual audio of phone calls and the content of text messages.
The FBI has reached out to victims whose communications were directly compromised, many of whom work in government or political roles. However, telecom companies are responsible for notifying the larger group of customers whose data was accessed but who were not directly affected.
As of now, U.S. authorities are still unsure of the total number of victims and whether the hackers maintain any access to the compromised networks. The FBI noted that some of the targeted information was related to U.S. law enforcement investigations and court orders, raising concerns that the hackers sought to breach sensitive programs covered under the Foreign Intelligence Surveillance Act (FISA), which allows American intelligence agencies to monitor foreign nationals suspected of espionage.
While initially thought to be driven by the aim of accessing specific intelligence, officials now believe the hackers had a broader objective: to infiltrate U.S. telecommunications infrastructure to gain extensive access to personal and governmental data.
To counter such threats, the FBI and CISA have urged telecom companies to adopt robust security measures, focusing on encryption, centralisation of systems, and constant network monitoring. These recommendations aim to disrupt the Salt Typhoon operation and prevent similar future attacks by both China and other potential adversaries. Jeff Greene, CISA’s Executive Assistant Director for Cybersecurity, warned that the hackers could return even if their access is blocked.
More Read
Several recent major hacking incidents have been traced back to China, with allegations that Beijing is attempting to steal sensitive technical and government secrets, as well as access critical infrastructure such as the power grid. In September, the FBI revealed it had disrupted a large Chinese hacking operation, which involved infecting over 200,000 consumer devices—such as cameras, video recorders, and home routers—with malicious software. These devices were then used to form a botnet, which could be leveraged for further cybercrimes.
In October, Chinese hackers were also said to have targeted the phones of political figures, including then-presidential candidate Donald Trump, his running mate Sen. JD Vance, and Vice President Kamala Harris, among others.
China has consistently denied allegations of cyber espionage. On Tuesday, a spokesperson for the Chinese embassy in Washington dismissed the accusations as “disinformation” and reiterated Beijing’s stance. “China firmly opposes and combats all kinds of cyberattacks,” spokesperson Liu Pengyu stated. “The U.S. needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China.”
As tensions over cyber security escalate, this latest breach highlights the vulnerabilities in global telecommunications systems and the ongoing threats posed by state-sponsored hacking efforts. While the U.S. and its allies work to bolster defences, experts warn that cyberattacks will remain a significant challenge for both governments and private sector entities in the years to come.
