Neuberger, a senior US government official, told journalists that a large number of Americans’ metadata had been stolen by Salt Typhoon and that the attack was ongoing.
“We do not believe it’s every cell phone in the country, but we believe it’s potentially a large number of individuals that the Chinese government was focused on.”
Officials from the FBI and CISA have recommended that Americans switch to encrypted messaging apps to minimise the chance of Chinese hackers intercepting their messages.
“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication,” they said.
Loading
“Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible.”
Encrypted messaging apps include iMessage, Facebook’s Messenger app and Signal.
Have Australians been affected?
Potentially, though there’s not yet any public evidence that Salt Typhoon is active in Australia.
“While Salt Typhoon has been observed in US telco networks – and appears to be still active there – there is not yet any public evidence the group is active in Australia,” CyberCX’s Grant Walsh said. “However, it’s important to note that ACSC – and global partner agencies – would not jointly issue detailed guidance if the threat was not real.
“Australian telco networks have invested significantly in some of the most mature cyberdefences in Australia. But the global threat landscape is deteriorating, and telecommunications networks are a key target for persistent and highly capable state-based cyberespionage groups, particularly those associated with the People’s Republic of China.”
What’s the Australian government saying?
A government spokesperson issued the following statement:
“The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) assesses that Australian telecommunications organisations could be vulnerable to similar activity.
“ASD strongly encourages all telecommunications organisations to implement this guidance and ensure that they remove these vulnerabilities.
“If malicious activity is identified, ASD’s ACSC strongly recommends that organisations report the incident to ASD and seek assistance in validating and responding to this threat.”
What has China said?
Loading
China has consistently denied allegations from technology firms and the US government that it relies on hackers to carry out attacks on telecommunications infrastructure.
A spokesperson for the Chinese Embassy in Washington said in October that the “US intelligence community and cybersecurity companies have been secretly collaborating to piece together false evidence and spread disinformation” about the Chinese government supporting such attacks.
Get news and reviews on technology, gadgets and gaming in our Technology newsletter every Friday. Sign up here.