Attribution is still unclear, but The Wall Street Journal reported over the weekend that Chinese state-linked hackers have penetrated the networks of major US telecom providers, possibly aiming at wiretaps. Citing people familiar with the matter, the newspaper identifies Verizon Communications, AT&T, and Lumen Technologies as companies among those whose networks were breached.
While espionage seems a likely goal, John Terrill warns that a foothold gained in this infrastructure could be used for future operations.
POLITICO quotes him: “ISPs are a target for nation states as either a pivot point into another environment or as a collection point for a lot of data that traverses their infrastructure. It’s why when you’re thinking about attacker personas and capabilities, you don’t worry that much about breaking encryption – unless you’re worried about nation-states.”
Terrill further tells Industrial Cyber that targeting US surveillance capabilities is expected given their tremendous value.
“Traditional hacking techniques wouldn’t allow you to deploy a payload capable of doing the type of surveillance and traffic collection our ISPs can do. In fact, our telecommunications companies had to invent new hardware and software for this explicit purpose as existing systems couldn’t handle it.”
The more interesting question, he says, is what they were looking for.
While taps grant law enforcement tremendous benefits, they’re a clear, prime target for espionage. “I don’t know that there is one solution to protect these systems, but this should serve as a wakeup call around the concentration risks any sufficiently powerful capability may possess.”
Updated on 10/8/24 to include further details from Industrial Cyber. Updated 10/11/24 for additions from MSSP Alert.