US officials on Friday said Chinese-affiliated hackers were able to infiltrate the nation’s commercial telecommunications infrastructure – and now several media outlets are reporting the bad actors may have gotten their hands on the phone records of Trump, JD Vance, and possibly Harris campaign staffers.
With less than two weeks before the US presidential election, the New York Times reported on Friday that a China-affiliated threat actor was discovered targeting communications from phones used by former President Donald Trump and vice presidential running mate, Ohio Senator JD Vance.
The latest foreign-threat campaign is said to be “a wide-ranging intelligence-collection effort,” that also is reported to have targeted the communications of democratic rival Vice President Kamala Harris' staff, according to Times' sources familiar with the matter.
“The US Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China (PRC),“ the FBI and US Cybersecurity and Security Infrastructure Agency (CISA) said in a statement released Friday.
It appears the PRC hackers were able to successfully gain access to Verizon phone systems, after the FBI “identified specific malicious activity targeting the sector,” according to the joint statement.
Cybersecurity insiders have identified Salt Typhoon, a known nation-state adversary and Advanced Persistent Threat (APT) group sponsored by the Chinese government, as the possible perpetrators behind the cyber attacks.
In what was described as “an active and highly sensitive national security case,” the Times said the phone numbers of Trump, Vance, and several unnamed individuals (from within the government and beyond), were targeted in the attacks – which could have exposed sensitive text exchanges, caller IDs, and phone numbers, revealing how often and how long those communications took place.
Joint Statement by FBI and CISA on People's Republic of China Activity Targeting Telecommunicationshttps://t.co/pkuMNDU7BQ pic.twitter.com/80IwZehVcb
undefined FBI (@FBI) October 25, 2024
New York Senator Chuck Schumer, the state's majority leader was also reportedly targeted, the Times said.
According to the newspaper, security officials said they were “deeply concerned about the potential extent of compromised data and the wide range of possible victims.”
Beijing-threat group Salt Typhoon possibly behind attacks
Last month, Salt Typhoon was reported by the Wall Street Journal to have breached several internet service providers (ISPs) in the US, including Verizon, AT&T, and Lumen Technologies.
The APT – also referred to as GhostEmperor and FamousSparrow and said to have been operating freely since at least 2020 – is known for targeting government entities and telecom companies, often using anti-forensic and anti-analysis techniques to evade detection.
In an October 18th letter addressed to CISA director Jen Easterly, the Republican Homeland Security Committee requested a briefing, set to take place on Nov 1st, to address the September ISP hacks.
“If reporting about Salt Typhoon’s level of network access is accurate, the PRC could influence communications by rerouting internet traffic, or gain valuable information by accessing systems for lawful wiretapping requests. In other words, this intrusion would significantly jeopardize Americans’ right to privacy and broader US national security interests,” the letter stated.
The letter also mentioned that CISA was participating in a new “emergency team” to address the hack, but said the effort was not enough to mitigate the Salt Typhoon threat.
What now?
To address this latest unattributed attack, FBI and CISA officials said once the unauthorized activity was discovered, the affected telecom companies were “immediately notified, rendered technical assistance, and rapidly shared information to assist other potential victims.”
As the investigation continues, federal agencies say they are “aggressively collaborating” with one another and working closely with industry partners to disrupt any further threats and boost cyber defenses across the commercial telecoms sector.
The government is urging any organizations that suspects it may have been targeted to contact either a local FBI field office or CISA directly.
It's also still unclear 'what, and if any' communications may have been taken from Trump and Vance’s phone records. The New York Times reported investigators were working to determine that information.
Verizon, who said it was working with law enforcement on the matter, noted it was aware of a “sophisticated attempt” to target US telecoms and gather intelligence.
Although Trump and his staff have not confirmed the Times report, Trump’s campaign’s communications director Steven Cheung, said Vice President Harris has emboldened China and Iran to attack US infrastructure to prevent Trump from returning to office, Reuters said on Friday.
In a statement responding to the allegations, a spokesperson for the Chinese embassy in Washington said “The presidential elections are the United States’ domestic affairs. China has no intention and will not interfere in the U.S. election. We hope that the US side will not make accusations against China in the election."
As of Friday, the Harris campaign has not commented on the FBI and CISA bulletin or media reports.
Your email address will not be published. Required fields are markedmarked