News
US Expands Cyber Countermeasures as List of China Telecom Hack Victims Grows
Comments
Link successfully copied
Deputy national security adviser for cyber and emerging tech Anne Neuberger (L) speaks as deputy national security adviser for international economics and Deputy Director of the National Economic Council Daleep Singh (R) listens during a White House daily briefing at the James S. Brady Press Briefing Room of the White House in Washington, on Feb. 18, 2022. (Alex Wong/Getty Images)
By Eva Fu
12/27/2024Updated: 12/28/2024

The White House has identified a ninth U.S. telecom network that Chinese state hackers have compromised in a sweeping intrusion, a senior official said on Dec. 27, as authorities take steps to prevent similar cases of cyberespionage and hold the cyberattackers liable for their actions.

Anne Neuberger, deputy national security adviser for cyber and emerging technology, revealed the new information in a press briefing as officials continue to assess the scope of the cybersecurity breach from China’s state-backed Salt Typhoon hacking group, which has carried out a wide-ranging espionage campaign since 2022.

The hacking operation has affected major telecommunications companies and dozens of nations, with Verizon, AT&T, and CenturyLink among the targets. Officials said in early December that these hackers are still embedded in U.S. infrastructure.

Neuberger said in an earlier conference that the hackers had focused on “very senior” American political figures and stolen vast troves of American data. She said on Friday that they still don’t have a good sense of the total scope of the breach.

“Our understanding is that a large number of individuals were geolocated in the Washington DC, Virginia area,” she said.

Only a fraction of them had their communications affected, Neuberger said, as the hackers are more interested in eavesdropping on U.S. government officials.

“The scale we’re talking about is far larger on the geolocation, probably less than 100 on the actual individuals,” she said.

As officials scramble to understand the impact of the Chinese cyber intrusion, they also began a multi-agency effort to fortify U.S. infrastructure against such operations.

Shortly after the briefing, the Justice Department issued a final rule naming China, Cuba, Iran, North Korea, Russia, and Venezuela as countries of concern over their ambitions to exploit sensitive U.S. personal and government-related data by bulk. Under the rule, certain individuals and groups whom authorities deemed as threat actors are barred from transactions involving six types of U.S. data, including certain personal identifiers such as social security numbers or government identification numbers, precise geolocation data, biometric identifiers, human genetic or molecular data, personal health data, and personal financial data.

Those transactions “pose an unacceptable risk to the national security,” a Justice Department statement said, noting that those adversarial nations could use the data to conduct cyber espionage, malign foreign influence, bolster military capabilities, and “track and build profiles on U.S. persons,” including military and intelligence officers for blackmail, coercion, and espionage. These data could also become tools for these states to spy on its targets, such as dissidents, political opponents, or marginalized communities, to intimidate them and curtail freedoms, the department said.

The regulation applies to entities over which China has an ownership of 50 percent or more, those that principally conduct business in China or are organized under Chinese law, their contractors and employees, and foreign individuals who primarily reside in China.

Violators could face a civil fine of up to $368,136 or twice the amount of the transaction involved, whichever is greater. Criminal penalties include up to $1,000,000 in fines and up to 20 years in prison.

The Department of Health and Human Services on Dec. 27 also proposed a rule to protect the U.S. health care system from cyberattacks.

The proposed measure would modify the Health Insurance Portability and Accountability Act of 1996, making the first change to the act’s security rule in 11 years, according to a statement. It would mandate stepped-up protection for personal health information by health plans and health care clearinghouses, as well as most health care providers and their business associates.

The department’s Office for Civil Rights said the number of individuals impacted by large health care breaches soared more than tenfold between 2018 and 2023, and is likely to grow.

In the wake of the Salt Typhoon hacking campaign, the Cybersecurity and Infrastructure Security Agency has urged “individuals who are in senior government or senior political positions” to “immediately” stop using regular phone calls and text messages. They should only use end-to-end encrypted communications and “assume that all communications between mobile devices—including government and personal devices—and internet services are at risk of interception or manipulation,” the agency warned.

The hacking group has targeted now-Vice President-elect JD Vance and now-president-elect Donald Trump, as well as Vice President Kamala Harris.

An engineering student takes part in a hacking challenge near Paris on March 16, 2013. (AFP via Getty Images/Thomas Samson)

An engineering student takes part in a hacking challenge near Paris on March 16, 2013. (AFP via Getty Images/Thomas Samson)

To deter Chinese hacking attempts, Neuberger said, the first step is to build a “defensible infrastructure.”

“We wouldn’t leave our homes, our offices unlocked, and yet our critical infrastructure, the private companies owning and operating our critical infrastructure often do not have the basic cybersecurity practices in place,” she said in the press call.

Authorities are also scrutinizing government contracts to enforce stricter cybersecurity practices, Neuberger said. In doing so, she said, the United States is following in the footsteps of Australia and the UK.

“The nation’s secrets, the nation’s economy, lies on our telecommunications sector,” she said.

“When I talked with our UK colleagues and I asked, ‘Do you believe your regulations would have prevented the Salt Typhoon attack?’ their comment to me was, we would have found it faster, we would have contained it faster.”

Neuberger said it was a “powerful message.”

In early December, the FBI, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency collectively published a guide instructing telecom companies to mitigate cyber intrusions.

“Those networks are not as defensible as they need to be to defend against a well resourced, capable offensive cyber actor like China,” Neuberger said.

In assessing the Salt Typhoon breach, she said, authorities have found one administrator account that had access to more than 100,000 routers.

“So when the Chinese compromised that account, they gained that kind of broad access across the network,” she said.

Neuberger said officials are looking to segment the telecom networks so that in the event of a cyber attack, the potential damage could be contained.

The Federal Communications Commission on Dec. 5 proposed cybersecurity rules requiring communications service providers to certify annually that they have a plan to protect against cyberattacks.

The rule is waiting for a vote by Jan. 15, Neuberger said, noting that they are eager to see bipartisan support across the commission to see it through.

The Chinese were “very careful about their techniques. They erased logs,” she said. And as “we will never know regarding the scope and scale of this,” she said, the United States is “looking forward.”

An appeals court on Tuesday upheld the Federal Communications Commission’s decision to bar China Unicom Americas, the U.S. operation of a top Chinese state wireless carrier, from accessing the U.S. telecom market.

Neuberger said more actions will be coming out in the next few months.

“Let’s lock down this infrastructure. And frankly, let’s hold the Chinese accountable for this,” she said.

Share This Article:
Eva Fu
Author
Eva Fu is a New York-based writer for The Epoch Times focusing on U.S. politics, U.S.-China relations, religious freedom, and human rights. Contact Eva at eva.fu@epochtimes.com

©2023-2024 California Insider All Rights Reserved. California Insider is a part of Epoch Media Group.