(C) Alec Muffett's DropSafe blog.
Author Name: Alec Muffett
This story was originally published on allecmuffett.com. [1]
License: CC-BY-SA 3.0.[2]
Chinese hackers said to have collected audio of American calls
2024-10-27 00:00:00
Chinese state-affiliated hackers have collected audio from the phone calls of U.S. political figures, according to three people familiar with the matter. Those whose calls have been intercepted include an unnamed Trump campaign adviser, said one of the people. The hackers are said to be part of a Chinese government-affiliated group that American researchers have dubbed Salt Typhoon. They were able to collect audio on a number of calls as part of a wide-ranging espionage operation that began months ago, according to the people, who spoke on the condition of anonymity because a federal investigation is underway. The government is still seeking to determine how much audio the hackers have, one of the people said.
They were also able to access unencrypted communications, including text messages, of the individual, the people said. End-to-end encrypted communications such as those on the Signal platform are believed to have not been hacked, they said.
Advertisement
The development heightens concerns over the extent of the infiltration as the 2024 election is in high gear as well as the potential threat to long-term national security.
The FBI declined to comment on the matter. A spokesman for the Chinese Embassy in Washington has previously said it was unaware of the operation.
The FBI and other U.S. agencies are still investigating the full extent and nature of the espionage campaign. The hackers targeted the phones of former president Donald Trump, who is running to regain the White House, and his running mate JD Vance, the New York Times first reported Friday. They were thought to have targeted information about call logs, and there is no evidence so far that the hackers listened in on calls of the two Republicans at the top of the ticket.
The number of victims identified to date is relatively low — fewer than 100 — but more may emerge as investigations continue, according to two people familiar with the matter.
Advertisement
One reason for the restrained victim count at this point may be that the hackers saw the access as “exquisite” or highly valuable and wanted to limit activity to avoid detection, said a former senior U.S. cyber operations official. That would imply that they were not confident of their ability to regain access once detected, the former official said. Or it may be simply that investigators are seeing only the tip of the iceberg, they said.
Separately, the Salt Typhoon group is also thought to have targeted the system that tracks lawful requests for wiretaps made by the federal government of carriers. The motive there could be to figure out who the FBI and other federal agencies have under surveillance, said people familiar with the matter.
The matter is so serious that the White House earlier this month set up an emergency multiagency team to ensure all relevant agencies have visibility into the investigation. The establishment of a “unified coordination group” triggers a separate mandatory investigation by a public-private Cyber Safety Review Board, which in this case will probe the lapses that led to the intrusions. The board is led by the Department of Homeland Security and includes cyber experts from industry. It’s unclear when the probe will begin, officials said.
Advertisement
The wide-ranging operation has involved at least 10 telecom companies, including major carriers such as AT&T, Verizon and Lumen.
At least one U.S. official was notified late last week that a personal cellphone had been accessed by the Salt Typhoon hackers, said one of the people familiar with the matter. The hackers were targeting phone logs, SMS text messages and other data on the device, said the person. It was not clear whether audio calls were successfully intercepted for that official, the person said.
The hackers have tried to get inside the cellphones used not only by Trump and Vance but also others working on their campaign.
As previously reported, Democrats were also targeted in the hacking efforts, including the staff of Senate Majority Leader Charles E. Schumer (D-New York) as well as the Harris campaign, U.S. officials familiar with the matter said on Friday, a reflection that the targeting is bipartisan.
Advertisement
The Trump-Vance campaign was notified of the targeting by the FBI last week after the attack was discovered by Verizon, the people said. While the campaign is waiting on a full list of individuals that may have been affected, several senior staffers were given new phones.
Targeting candidates as well as leaders for espionage is standard practice by world powers, and U.S. officials said they do not consider the latest attempts to be election interference. However, the Trump campaign has sought to blame the White House and Harris for allowing a foreign adversary to infiltrate U.S. companies to target the campaign.
It was not clear whether the attempts against Trump and Vance’s phones were successful.
The FBI issued its first statement publicly confirming the Salt Typhoon intrusions and its investigation on Friday.
Advertisement
“The U.S. government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China,” the agency said in a joint release with the Cybersecurity and Infrastructure Security Agency. The statement said that after detecting the intrusions, the FBI and CISA “notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims.”
[END]
[1] URL:
https://www.washingtonpost.com/national-security/2024/10/27/chinese-hackers-cellphones-trump/
[2] URL:
https://creativecommons.org/licenses/by-sa/3.0/
DropSafe Blog via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/alecmuffett/
