US Wiretap Systems Allegedly Hit by Chinese Hackers
China caught spying on the U.S. spying on its citizens
Oct 9, 2024 | Share
News
According to research conducted by the Wall Street Journal, a hacking group tied to the Chinese government penetrated the networks of U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems used for court-ordered network wiretapping. These hackers may have had access to this “vast collection of internet traffic” undetected for months.
The compromised systems were built into broadband networks to facilitate “lawful interception” of communications for law enforcement and national security purposes. In a turn of events that some are calling “all too predictable,” these powerful government spying tools meant to collect U.S. citizens’ sensitive data seem to have been exploited to steal the government’s sensitive data.
Although this attack won’t have as direct an impact on the average internet user as other high-profile data breaches, the fact that these hackers exploited vulnerabilities that the government intentionally built into our broadband infrastructure should be cause for concern. It also highlights the need for people to protect themselves and their online privacy.
Are you satisfied with the security and reliability of your internet connection?
If not, there might be a better option in your area. Enter your zip code to find out.
Spying on the spies
According to the report, this cyberattack was carried out by a Chinese hacking group dubbed “Salt Typhoon” by U.S. investigators. The group managed to gain access to government-mandated network introspection points that are used to collect data to fulfill a court-issued warrant or a national security letter request.
What makes this hack especially serious is not just that much of the information is related to issues of national security, but the fact that these backdoors are built into network infrastructure and designed to be undetectable. As such, this was not a one-time breach. Experts believe that the hacker group may have had access to these systems for months, which is perhaps the worst-case scenario for this kind of cyberattack.
The Chinese foreign ministry responded on Sunday, denying any knowledge of the attack and accusing the U.S. of creating false narratives to frame China. This is the latest in a series of cyberattacks that law enforcement officials in the U.S. have linked to alleged Chinese hacking groups.
The dangers of unchecked surveillance
There has long been a tension between the government and tech companies around security. Tech companies want to create secure products and services that protect their users from data breaches, malicious software, and other threats. Law enforcement agencies, however, want their own built-in backdoors to these security systems so that they can easily circumvent them.
Strong security measures can be a problem for law enforcement. For example, after nearly a year, federal agents still haven’t been able to get into the phone of indicted New York Mayor Eric Adams. A similar situation arose following a terrorist attack in 2015, when the FBI was able to recover one of the attackers’ cell phones. The FBI tried to compel Apple to create software to break iPhone encryption, but Apple refused.
Tech companies are wary to poke holes in their security systems because once you break them by installing a backdoor for the police, there’s no way to ensure that only authorized people will be able to use it. This latest cyberattack occurred because broadband providers were required to give law enforcement the ability to create automated systems to monitor and collect data to fulfill legally issued warrants.
The problem is that even if you trust those who are using these tools to spy on your network, there’s no way to guarantee that a malicious actor won’t find a way to use the same tools.
How can internet users protect themselves?
If you want to protect your online privacy from being compromised in an attack like this, there are a few things you can do. One of the most powerful tools you can use is a virtual private network (VPN). Using a VPN creates an encrypted connection, which would have protected people from the kind of surveillance that the systems involved in this cyberattack performed.
Another way to protect yourself online is to use strong, unique passwords for all your important accounts. You should also avoid logging into sensitive accounts like online banking using unsecured Wi-Fi networks at someplace like a coffee shop.
Author - Peter Christiansen
Peter Christiansen writes about telecom policy, communications infrastructure, satellite internet, and rural connectivity for HighSpeedInternet.com. Peter holds a PhD in communication from the University of Utah and has been working in tech for over 15 years as a computer programmer, game developer, filmmaker, and writer. His writing has been praised by outlets like Wired, Digital Humanities Now, and the New Statesman.
Editor - Jessica Brooksby
Jessica loves bringing her passion for the written word and her love of tech into one space at HighSpeedInternet.com. She works with the team’s writers to revise strong, user-focused content so every reader can find the tech that works for them. Jessica has a bachelor’s degree in English from Utah Valley University and seven years of creative and editorial experience. Outside of work, she spends her time gaming, reading, painting, and buying an excessive amount of Legend of Zelda merchandise.