US authorities have recently revealed a US telecommunications hack that was said to have compromised the networks of multiple communications companies.
The FBI and CISA released a joint statement earlier this month identifying "PRC (People's Republic of China)-affiliated actors" as the cause of the hack, which the US government says enabled the theft of customer call records data, and led to "the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity."
Chairman of the Senate Intelligence Committee Mark Warner, himself a former telecommunications executive, said "the barn door is still wide open, or mostly open" in the wake of the hack (via The New York Times). He has also called the breach the "worst telecomms hack in our nation's history."
Last month, there were unconfirmed reports that the hackers targeted phones owned by those affiliated with the campaign of Democratic presidential candidate Kamala Harris, along with now-President-elect Donald Trump and his running mate, JD Vance, through an infiltration of US telecomms provider Verizon.
However, the hack now seems to be more widespread than it initially appeared. It was first thought that the hackers used stolen passwords to focus on a system that taps telephone conversations and texts under court orders, but the NYT now reports that the hack moved through multiple networks across the country by exploiting "aging equipment and seams in the networks connecting disparate systems."
"This makes Colonial Pipeline and SolarWinds look like small potatoes", said Warner.
The hackers were said to be part of a group called Salt Typhoon, which reportedly has links to the Chinese government. The PRC has repeatedly denied claims by the US government that it uses hackers to break into foreign networks.
Since the hack was exposed, the intruders appear to have gone quiet. However, Senator Warner seems to think that the threat is far from over. Speaking to The Washington Post, he said: "This is an ongoing effort by China to infiltrate telecom systems around the world, to exfiltrate huge amounts of data."
It's not known at this point exactly how many telecommunications providers were affected. However, according to Warner, booting the hackers out of the system entirely could involve replacing "thousands of pieces of equipment across the country", including older models of routers and switches.
"Unlike some of the European countries where you might have a single telco, our networks are a hodgepodge of old networks. The big networks are combinations of a whole series of acquisitions, and you have equipment out there that’s so old it’s unpatchable."
It's believed that encrypted communications were unaffected by the hack, which may come as some comfort to targeted individuals who primarily used platforms like Signal or WhatsApp to communicate. Still, given the extent of the breach, this looks likely to be a difficult hole in the US communications system to fix.