What happened
A group of Chinese hackers, known as “Salt Typhoon”, has been implicated in a major cyberattack targeting US telecoms, including Verizon, AT&T, and Lumen.
The hackers allegedly gained access to a federal wiretapping systemused for lawful surveillance of suspected criminals, and may have had access to this system for months before being detected.
The breach allowed the hackers to gather information on Chinese surveillance targets tracked by US agencies. The scope of the breach is still under investigation, but it is believed that the attack may have also involved other internet service providers.
The hackers exploited zero-day vulnerabilities in telecom infrastructure, including unpatched Cisco routers, to carry out the attack. While the exact extent of the data accessed remains unknown, it is feared that the hackers may have gathered more than just surveillance data.
The FBI, along with security teams from Microsoft and Google’s Mandiant, is actively working to mitigate the breach and assess the full impact.