Chinese hackers have compromised the networks of telecommunications providers as part of a wide cyberespionage campaign, the US government said on Wednesday.
According to a joint alert from the US cybersecurity agency CISA and the FBI, an investigation into China’s potential targeting of telecom infrastructure “has revealed a broad and significant cyber espionage campaign”.
The US government agencies say that China-linked threat actors have hacked into telecom providers to steal call records and data and to spy on individuals.
“Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders,” the alert reads.
While no specific details on the attacks have been released, CISA and the FBI say they continue to investigate the campaign. Potential victims of these attacks are encouraged to contact either agency for assistance.
The alert comes shortly after a Wall Street Journal report that the Consumer Financial Protection Bureau (CFPB) had instructed employees to minimize the use of mobile phones for work-related activities, in light of newly uncovered Chinese hacking.
CFPB reportedly told employees to avoid using voice calls and text messages to discuss nonpublic data, and rely on secure platforms like Microsoft Teams and Cisco WebEx instead.
Multiple reports have suggested that a China-linked cyberespionage group tracked as Salt Typhoon, FamousSparrow, and GhostEmperor hacked several major broadband providers in the US, including AT&T, Verizon, and Lumen Technologies.
A September report from WSJ pointed to Salt Typhoon’s hacking into the systems of US internet service providers (ISPs).
Last week, Bloomberg reported that Chinese state-sponsored threat actor Volt Typhoon had hacked Singapore-based Singtel in preparation for the attacks against US wireless carriers.
China, in the meantime, claims that Volt Typhoon is made up by the US and its allies. Volt Typhoon made it to the spotlight roughly a year ago, after reports that it had been targeting critical infrastructure organizations.
Related: China’s Volt Typhoon Rebuilding Botnet
Related: Chinese Hackers Target Tibetan Websites in Malware Attack, Cybersecurity Group Says
Related: China-Linked Cyberespionage Operation Suggests Interest in SCADA Systems
Related: China-Linked ‘BlackTech’ Hackers Start Targeting U.S.