The NSA is investigating whether Chinese hackers breached US telecommunications firms

The US is in the early stages of an investigation into potential Chinese hacking of US telecommunications companies, according to a top intelligence official.

National Security Agency Director General Timothy Haugh said the NSA, along with other government agencies and some companies, “will be looking deeply” into the cases, but that it was premature to talk about specific firms.

US intelligence officials believe a Chinese hacking group that Microsoft Corp. at Salt Typhoon could have been inside US telecommunications for months and found a route to an access point for court-authorized wiretapping, according to another person familiar with their views. Such hacks would represent a serious security breach, according to the second person.

The Wall Street Journal previously reported that AT&T, Verizon and Lumen Technologies were among those targeted in the campaign, and that Chinese hackers may have accessed information from systems used by the federal government for legal wiretapping.

AT&T and Lumen declined to comment. Neither Verizon nor the Chinese Embassy in Washington immediately responded to requests for comment.

The NSA has warned as far back as 2022 that telecommunications infrastructure is vulnerable to Chinese hacking, Haugh told reporters at the Cipher Threat Conference in Sea Island, Georgia.

One such NSA advisory, from June 2022, warned that Chinese hackers were looking to get “an initial foothold” in telecommunications organizations and network service providers through bugs in devices such as some Cisco Systems Inc. routers, before looking for users and critical systems.

Haugh, a four-star Air Force general who also took over as head of US Cyber ​​Command in February, described China as “the most daunting” of the threats to the US in cyberspace. US cyber officials have warned since last year that Chinese hackers are penetrating critical infrastructure across the country. The goal, officials concluded, is to lie in wait to cut off large swaths of crucial services, such as electricity and water supplies, during a future crisis, preventing any U.S. military response.

Although the US has called on a number of companies to help uncover cases of such intrusions, government officials said earlier this year that they had so far discovered only the tip of the iceberg.

“Critical infrastructure is under constant attack,” Harry Coker, the US national cyber director, told Sea Island conference attendees in an earlier panel.

Copyright 2024 Bloomberg.