Salt Typhoon Chinese Hacking Group Targets US Telecom Firms in Major Metadata Theft Campaign

Thursday 05 December 2024 - 10:36

The United States has revealed a significant cyber-espionage operation conducted by a Chinese hacking group, named Salt Typhoon, which has been linked to the theft of sensitive metadata. The group has compromised a vast amount of personal and professional data belonging to American citizens and government officials, including senior political figures. The targeted companies span across various sectors, with at least eight major telecom firms in the US among those affected.

Deputy National Security Adviser Anne Neuberger confirmed the breach, stating that while Salt Typhoon gained access to crucial communications of US government personnel, classified communications were not compromised. This ongoing cyberattack has extended beyond American borders, affecting numerous global telecommunications providers and infrastructure companies.

The Salt Typhoon hacking operation marks just the latest in a series of cyberattacks allegedly originating from China. Federal authorities previously reported similar attacks in October, targeting high-profile figures such as then-presidential candidate Donald Trump and his running mate JD Vance, along with individuals linked to Vice President Kamala Harris. Other companies such as Verizon, AT&T, T-Mobile, and Lumen have also faced hacking attempts by Chinese-linked groups. However, both T-Mobile and Lumen have denied any breach of their customer data.

In response to these allegations, the Chinese embassy in Washington dismissed the claims, accusing the US of using cybersecurity issues to unfairly tarnish China’s image. The embassy spokesperson, Liu Pengyu, called for an end to US cyberattacks on other nations and criticized the use of cybersecurity to create tension.

While the stolen metadata does not include the content of phone calls, it offers a detailed view of individuals' communication patterns, including call duration, contacts, and locations. Such information can be used to gather highly sensitive insights into a person's daily life, professional activities, and private relationships.

A Senate Commerce Subcommittee is scheduled to hold a hearing on December 11 to address the Salt Typhoon hacking group and the broader security risks facing global communications networks. This hearing aims to investigate how the theft of metadata is evolving and the potential implications for national security and privacy.

This breach underscores the growing sophistication and scale of cyberattacks, posing significant challenges for telecom companies and governments worldwide in safeguarding data and communication infrastructures from foreign threats.