The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) on Wednesday accused threat actors affiliated with the Peoples Republic of China (PRC) of carrying out a broad and significant cyber-espionage campaign against multiple commercial telecommunications infrastructures.
The hackers infiltrated the networks of several telecommunications companies, allowing them to gather customer call records and reach the private communications of a limited number of individuals primarily involved in government and politics.
Further, the two agencies said the hackers also duplicated certain information requested by U.S. law enforcement under court orders.
Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to unlock the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders, reads the joint statementreleasedby CISA and the FBI on Wednesday.
While the officials did not disclose the names of the telecommunications companies impacted by the hack, it did indicate that their understanding of these breaches is likely to deepen as the investigation progresses.
The agencies have also encouraged organizations that believe they were affected by the breach to contact their local FBI field office or CISA.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector.
We encourage any organization that believes it might be a victim to engage its local FBI Field Office or CISA.
The recent joint statement follows CISA and the FBIsconfirmationin late October of a hack attributed to a Chinese hacking group known asSalt Typhoon(aka Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286) that had breached some major broadband providers in the U.S., including Verizon, AT&T, and Lumen Technologies.
The joint statement also confirms previous media reports that the threat group had accessed U.S. federal government systems involved in court-authorized web connection wiretapping requests.
Read More
source: www.techworm.net