WASHINGTON (Reuters) – Chinese hackers have compromised more U.S. telecoms than previously disclosed, including Charter Communications, Consolidated Communications, and Windstream, as reported by the Wall Street Journal late on Saturday, citing sources familiar with the situation.
The hackers were able to exploit vulnerabilities in network devices from security provider Fortinet and compromised large network routers from Cisco Systems, the report stated. Beyond breaching the networks of AT&T and Verizon, the hackers also infiltrated networks belonging to Lumen Technologies and T-Mobile, according to the report.
In response to these allegations, China has denied any involvement in such activities and has accused the United States of spreading misinformation. The magnitude and extent of the reported Chinese hacking into U.S. telecommunications networks have raised concerns, prompting questions about when companies and the government will be able to reassure the American public about the issue.
According to the report, U.S. national security adviser Jake Sullivan disclosed to telecommunications and technology executives in a covert White House meeting in the fall of 2023 that Chinese hackers had gained the capability to remotely shut down numerous U.S. ports, power grids, and other critical infrastructure targets at their discretion.
The Chinese-affiliated Salt Typhoon cyberespionage operation targeted systems of AT&T and Verizon; however, the wireless carriers have since confirmed the security of their U.S. networks as they collaborate with law enforcement and government authorities. Last week, in their first acknowledgment of the attacks, both companies assured that steps had been taken to safeguard their systems.
Lumen stated that it no longer detects any evidence of the attackers in its network and confirmed that no customer data had been compromised. Similarly, T-Mobile disclosed that recent infiltration attempts into its systems had been thwarted, safeguarding sensitive customer data from unauthorized access.
Verizon informed the newspaper that a select few high-profile customers in government and politics were specifically targeted by a threat actor, and measures were taken to notify those individuals. Vandana Venkatesh, Verizon’s chief legal officer, assured the newspaper that the company had contained the activities related to this specific incident.
Both Cisco and Fortinet declined to provide comments to the newspaper regarding the matter. Previous targets of the Salt Typhoon operation reportedly included officials associated with the presidential campaigns of Democrat Kamala Harris and Republican Donald Trump.
