
Massive Chinese Cyberattack Is a Disaster of Unimaginable Proportions

  • Oct 8, 2024

Updated: Oct 8, 2024

Source: Hot Air News



Using a security loophole that allows the US government access to anybody's electronic traffic, Chinese hackers gained access to an unknown quantity (perhaps all) of internet traffic on American networks. The secret breach was revealed in an exclusive report in Saturday's Wall Street Journal.



The attack SOUNDS like the hackers could potentially have access to everything that crosses certain networks by using backdoor access that the US government mandates to permit wiretapping when authorized by a warrant. In other words, there is a built-in insecurity to the networking systems in order to allow government officials to tap your data. The Chinese got access to the backdoor. 

A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk. The attackers also had access to other tranches of more generic internet traffic, they said.

Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said. 

The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said. 


The wording here is a little vague, and I think intentionally so, about whether the Chinese had access ONLY to data that the US government was wiretapping. That seems impossible, given that the access to wiretapping abilities is not limited to splicing wires or something like that. It is a function of software, and that software was hacked. In this case the Chinese could access whatever they chose. No doubt that didn't include everything, since there would be no way to store and make sense of it all, but as with our own government they could target whomever they wanted using the security hole built into the system. 

The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn’t be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach.

The attack and its significance was discovered in recent weeks and remains under active investigation by the U.S. government and private-sector security analysts. Investigators are still working to confirm the breadth of the attack and the degree to which the actors observed data and exfiltrated some of it, the people said.

The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said. A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome.

