The Chinese advanced persistent threat (APT) known as Salt Typhoon has targeted the second-largest wireless carrier in the US, T-Mobile, as part of a widescale cyber-espionage operation. Although T-Mobile claims no sensitive data was stolen, federal agencies disagree, stating that attackers accessed call records and private communications of targeted individuals.
According to sources from the FBI and Cybersecurity and Infrastructure Security Agency (CISA), Salt Typhoon gained access to sensitive information about high-ranking US national security officials, law enforcement surveillance requests, and even call times and participants. The attack is part of a systematic campaign to gather intelligence on US officials and disrupt communications for China’s interests.
Industry experts warn that the wave of recent attacks by Salt Typhoon has left telecom providers vulnerable and at risk of further compromise. Experts expect more attacks in the coming months as the threat actor works to access phone lines and records of national security officials and politicians.
T-Mobile is not yet aware of the full impact of the attack, with the company acknowledging only that there have been no significant impacts to T-Mobile systems or data. However, experts note that this lack of awareness poses a risk to US consumers, as the actual extent of the breach remains unknown.
The incidents demonstrate the need for telecom providers to act fast to shore up cybersecurity efforts and protect sensitive information from organized cybercriminal groups. With China’s interests at stake, it is essential for companies like T-Mobile to prioritize cybersecurity and maintain robust security measures to prevent similar attacks in the future.
Source: https://www.darkreading.com/cloud-security/salt-typhoon-tmobile-telecom-attack-spree