Chinese-linked hackers have infiltrated several major U.S. telecommunications networks, reportedly gaining prolonged access to critical wiretap systems utilised by law enforcement for surveillance, according to U.S. government sources.
This breach, confirmed in a recent statement by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), is a serious escalation in cyber espionage threats linked to the People’s Republic of China (PRC).
The FBI and CISA have outlined that PRC-affiliated hackers infiltrated networks across numerous telecommunications companies in the United States, though the specific names of these providers remain undisclosed.
However, sources such as The Wall Street Journal have noted that companies, including AT&T, Verizon, and Lumen Technologies, may have been impacted by the intrusion.
The breach allowed attackers to persist within these networks for an extended period, granting them access to large amounts of internet traffic involving millions of Americans and numerous businesses.
This sophisticated hacking operation, reportedly led by a China-backed group called “Salt Typhoon,” enabled attackers to intercept call records and also compromise private communications belonging to specific individuals.
The targeted individuals primarily include those engaged in political or governmental activities, though U.S. agencies have refrained from identifying these targets.
Reports reveal that PRC-linked actors previously targeted high-profile figures, such as Donald Trump and his running mate Senator JD Vance, pointing to the high stakes of this cyber campaign.
The breach also enabled the attackers to duplicate sensitive information subject to U.S. law enforcement requests. In compromising systems integral to fulfilling court-ordered surveillance, these hackers gained access to highly classified data, potentially undermining U.S. national security efforts.
This is the first confirmed instance of foreign hackers successfully breaching wiretap systems within U.S. telecommunication networks.
In response, the FBI and CISA have strengthened their tactics to support the affected providers, offering technical guidance and rapidly disseminating information to strengthen cybersecurity measures across the sector.
The agencies have urged any organisation suspecting an intrusion to contact their local FBI office or CISA for immediate assistance, stressing the need for strong defences as growing cyber threats from state-backed actors increase.
The investigation aims to clarify the full scope of the breach, with authorities anticipating further developments.
This incident reveals the risks posed by state-sponsored cyber campaigns, particularly from PRC-affiliated entities, as the U.S. government works to secure its telecommunications infrastructure against future attacks.
