Chinese hackers target US telecoms: What you need to know to protect your data

Tech expert Kurt “CyberGuy" Knutsson discusses how Chinese cyber espionage targets U.S. telecoms to steal Americans' information.

Dec 10, 2024 - 22:00
Chinese hackers target US telecoms: What you need to know to protect your data

U.S. telecom giants are under constant attack from Chinese hackers. A federal investigation has uncovered a massive cyber espionage campaign by the Chinese government, targeting U.S. telecommunications networks to steal Americans' information. A top White House official confirmed that at least eight U.S. telecom companies have been affected by this hacking spree. 

To combat this, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) have released advice for telecom companies to help them detect and block the hackers while preventing future attacks. I break down the details of this Chinese hacking campaign and share tips on how to keep your data safe.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

According to the FBI, hackers linked to Beijing have infiltrated the networks of "multiple" telecom companies, gaining access to customer call records and private communications of "a limited number of individuals." Since this is an espionage campaign, they’re not interested in the average Joe’s texts or call history. Instead, their targets are Americans involved in government and politics.

The hackers also tried to copy "certain information that was subject to U.S. law enforcement requests pursuant to court orders," according to the FBI. This suggests they might have been attempting to breach programs like those under the Foreign Intelligence Surveillance Act, which allows U.S. spy agencies to monitor the communications of individuals suspected of working for foreign powers.

Earlier this month, Deputy National Security Advisor Anne Neuberger shared new details about the scale of the Chinese hacking campaign. According to Neuberger, the U.S. believes the hackers managed to access communications from senior government officials and prominent political figures.

She explained that while the hackers were focused on a relatively small group of individuals, a limited number of Americans’ phone calls and texts were compromised. Neuberger also mentioned that the affected telecom companies are working to address the breaches, but none have been able to completely remove the Chinese hackers from their networks yet.

This campaign is believed to have started a year or two ago, according to the Associated Press. Authorities suspect a Chinese hacking group known as Salt Typhoon to be behind the operation.

HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS

Salt Typhoon managed to access call records and private communications by exploiting decades-old back doors in major telecom providers, including AT&T and Verizon, experts believe.

"The irony here is that the back doors exploited by the Chinese are, in fact, the same back doors that are utilized by federal law enforcement for purposes of conducting legal surveillance," John Ackerly, CEO and co-founder of Virtru, a data-centric security company, told CyberGuy.

The vulnerabilities are a result of the Communications Assistance for Law Enforcement Act (CALEA), a federal law that mandates back doors in critical telecommunications infrastructure. CALEA enables law enforcement agencies to access phone records and metadata, including facilitating wiretaps, as part of authorized investigations.

"The problem with back doors is simple. They're not selective. A back door created for law enforcement is, by its very nature, a vulnerability in the system. And vulnerabilities, once they exist, can be exploited by anyone who discovers them. Both good guys and bad guys can enter back doors," said Ackerly, who previously served as a White House technology adviser.

BEWARE OF ENCRYPTED PDFs AS LATEST TRICK TO DELIVER MALWARE TO YOU

To protect private conversations and phone calls, cybersecurity experts recommend using end-to-end encrypted platforms. Jeff Greene, executive assistant director of cybersecurity at CISA, urged Americans to prioritize encrypted communication tools.

"Use your encrypted communications where you have it," Greene advised, emphasizing the importance of secure platforms. He added, "We definitely need to do that, kind of look at what it means long term, how we secure our networks."

An FBI official warned that citizens should be "using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant MFA for email, social media and collaboration tool accounts."

However, cybersecurity experts warn that these measures are not foolproof. The term "responsibly managed encryption" is problematic, as it intentionally leaves room for "lawful access," such as the back doors required by CALEA.

"It’s clear that encryption with back doors is not actually responsible at all," Ackerly said. "It’s time for the U.S. government to acknowledge and support end-to-end encryption as a stronger protection against foreign adversaries."

WHAT TO DO IF YOUR BANK ACCOUNT IS HACKED

Now that we've discussed the threat, let’s take a look at the solutions. Here are 10 ways you can keep your personal information safe.

1) Use end-to-end encrypted platforms: For private communications, prioritize platforms that offer end-to-end encryption. This ensures that only you and the intended recipient can access your messages or calls, preventing unauthorized access by hackers or other third parties.

"Anyone can take control of their own data and protect themselves from security threats by using applications that provide end-to-end encryption. Whether you’re emailing, sending messages and files or video chatting, the only way to truly ensure your data is safe from bad actors is to encrypt it as it travels," Ackerly said. "Choose an app or tool that is easy to use, so that you will actually use it."

For texting, consider apps like Signal or WhatsApp. For email services, look for ones that offer easy-to-use end-to-end encryption. These platforms ensure that your private communications remain secure from unauthorized access. See my review of the best secure and private email services here.

2) Keep your device's operating system updated: Make sure your cellphone and other devices automatically receive timely operating system updates. These updates often include important security patches that protect against new vulnerabilities exploited by hackers. For reference, see my guide on how to keep all your devices updated.

3) Enable two-factor authentication (2FA): Set up phishing-resistant 2FA on your email, social media and collaboration tool accounts. This adds an extra layer of protection, requiring more than just a password to access your accounts, making it harder for cybercriminals to steal your information.

4) Use strong antivirus software: Be aware of phishing techniques and remain skeptical of suspicious links, emails or phone calls asking for personal information. Cybercriminals often use these methods to gain access to your sensitive data.

The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

5) Encrypt sensitive data: Encrypt data on USB drives, SIM cards and laptops to protect information if devices are lost or stolen. Also, be sure to password-protect your sensitive files or folders by following these steps.

6) Implement strong password practices: Use unique, complex passwords for each account and consider using a password manager.

7) Regularly backup your data: Backing up your data helps protect against data loss from ransomware or device failure. You'll want to back up your mobile deviceMac and Windows computers.

8) Be cautious with public Wi-Fi: Use a VPN (virtual private network) when connecting to public Wi-Fi networks to encrypt your internet traffic. This makes it harder for hackers and third parties to intercept your data, especially on public Wi-Fi. A VPN masks your IP address, helping to obscure your location and online activity. While VPNs don’t directly prevent phishing emails, they reduce the exposure of your browsing habits to trackers that may use this data maliciously. With a VPN, you can securely access your email accounts from anywhere, even in areas with restrictive internet policies. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.

9) Invest in personal data removal services: Consider services that scrub your personal information from public databases. This reduces the chances of your data being exploited in phishing or other cyberattacks after a breach. Check out my top picks for data removal services here.

10) Use identity theft protection: Identity theft protection services monitor your accounts for unusual activity, alert you to potential threats and can even assist in resolving issues if your data is compromised. See my tips and best picks on how to protect yourself from identity theft.

There’s no denying that the U.S. is facing a serious cyberattack that puts millions at risk. What’s even more concerning is that hackers continue to exploit telecom providers even after the issue has been made public. The government and the affected companies must prioritize addressing this threat and patching the back doors these cybercriminals are using. We’re witnessing one of the largest intelligence compromises in U.S. history.

Do you believe the current laws around encryption and lawful access are enough to protect your privacy? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.