US says Chinese hackers breached multiple telecom providers
The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States.
The breached entities have been warned, and the agencies are proactively alerting other potential targets of the elevated cyber activity.
"The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People's Republic of China," reads the announcement.
"After the FBI identified specific malicious activity targeting the sector, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) immediately notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims."
As the investigation is currently underway, not much information has been shared with the public.
Organizations that believe they might have been compromised by Chinese hackers are urged to contact their local FBI office or CISA and report it immediately.
"Agencies across the U.S. Government are collaborating to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyber defenses across the commercial communications sector," concludes the announcement.
At the start of the month, it was revealed that a Chinese hacking group tracked as Salt Typhoon had breached multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies.
The operation's goal appeared to be espionage, and the hackers gained access to a communications interception system major telecoms maintain to accommodate lawful crime investigation requests by the authorities.
BleepingComputer contacted CISA and the FBI to confirm if their warnings are related to the previously reported breaches but has not received a response.
Canada targeted too
While it is expected that the United States will be targeted by elevated cyberespionage activity given the upcoming presidential elections and the culmination of influence operations, it's noteworthy that similar operations also target Canada.
The government announced on Friday that state-sponsored threat actors from China have been performing broad network scans over the past couple of months, targeting a wide spectrum of organizations.
Canada noted, however, that these scans are limited to reconnaissance and do not constitute security breaches on the mentioned entities.
Still, its statement aims to remind important organizations in the country to implement strict security measures, including multi-factor authentication protection, logging, traffic monitoring, and anti-phishing training.
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Windows 11 KB5046740 update released with 14 changes and fixes
November 22, 2024APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
November 23, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024