U.S. officials advise Americans to utilize encrypted messaging applications in the wake of an unprecedented cyberattack on telecom giants like AT&T and Verizon to protect their communications from foreign hackers.
The hacking attack, which Microsoft dubbed Salt Typhoon, is still ongoing and is among the biggest intelligence breaches in American history. In a press conference on Tuesday, officials declined to provide a timeline for announcing that the nation’s telecommunications networks are clear of intruders. China hacked AT&T, Verizon, and Lumen Technologies to spy on consumers, officials have previously told NBC News.
A request for comment from a representative of the Chinese Embassy in Washington, D.C., was not immediately answered.
During the Tuesday call, Jeff Greene, executive assistant director for cybersecurity at the U.S. Cybersecurity and Infrastructure Security Agency, and a senior FBI official who asked not to be identified both advised Americans who wished to reduce the likelihood of China intercepting their communications to use encrypted messaging apps.
Our recommendation, which we have discussed internally, is not new: encryption is your friend, whether you can utilize encrypted phone communication or text messaging. According to Greene, encryption will make it hard for the opponent to intercept the data, even if they manage to do so.
Using a smartphone that automatically receives timely operating system updates, responsibly managed encryption, and phishing-resistant multi-factor authentication for email, social media, and collaboration tool accounts would be beneficial for anyone wishing to further secure their mobile device communications, according to the FBI official.
Greene claimed that because of the enormity of the telecom breach, it was hard for the agencies to forecast when we would experience complete eviction.
According to the FBI agent, the hackers typically accessed three different kinds of data.
One kind has been call records, also known as metadata, which display the time and numbers of phone calls. The FBI has no plans to notify those whose phone metadata was compromised, and the hackers targeted information in the Washington, D.C., area.
Live phone calls to some targets have been the second kind. The FBI official would not say how many alerts were sent to the campaign’s targets, but in October, the offices of Senate Majority Leader Chuck Schumer, D-N.Y., and the presidential campaigns of Kamala Harris and Donald Trump told NBC News that they had received notification from the FBI that they were being targeted.
The third has been the systems used by telecom providers in accordance with the Commission on Accreditation for Law Enforcement Agencies (CALEA), which permits intelligence and law enforcement organizations to monitor the communications of persons under court orders. The Foreign Intelligence Surveillance Court, which handles some U.S. intelligence court orders, may include classified court orders in CALEA systems. If any classified material was accessed, the FBI official would not comment.
End-to-end encrypted apps have long been recommended by privacy advocates. End-to-end encryption is automatically applied in both WhatsApp and Signal conversations and messages. Both calls and texts can be encrypted from beginning to end using Google Messages and iMessage.
Since they have long opposed complete end-to-end encryption, which prevents law enforcement from accessing digital content even with a warrant, the FBI and other federal law enforcement agencies have a complex relationship with encryption technology. However, the FBI has also backed encryption techniques that, under specific conditions, do grant law enforcement access.
According to the FBI official, the United States does not think the hacking campaign was an attempt to influence the outcome, even though it was initially made public in the run-up to the election. Instead, it is a large-scale, conventional espionage operation by China to obtain intelligence on American politics and government.
We consider this to be a campaign of cyber espionage, no different from any other strategy. According to the FBI official, their approach was undoubtedly extremely detailed regarding the telcos and ISPs, but it falls under the category of cyber espionage.
One of the Senate’s most vocal privacy advocates, Ron Wyden, D-Ore, blasted America’s reliance on CALEA in a statement to NBC News for leaving such private data unsecured.
According to him, China and other enemies can take communications from AT&T, Verizon, Microsoft, and Google when those businesses are unavoidably compromised.
Note: Every piece of content is rigorously reviewed by our team of experienced writers and editors to ensure its accuracy. Our writers use credible sources and adhere to strict fact-checking protocols to verify all claims and data before publication. If an error is identified, we promptly correct it and strive for transparency in all updates, feel free to reach out to us via email. We appreciate your trust and support!