White House confirms ninth US telecom breach in Chinese cyberattack
Hacker using a computer with a Chinese flag in the background. (Getty Photo)
The White House confirmed Friday that a ninth American telecommunications company has fallen victim to a sweeping Chinese cyber-espionage campaign targeting critical infrastructure in the United States and abroad.
The hacking group, known as “Salt Typhoon” — and operating under aliases such as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286 — has been active since at least 2019. It has been linked to breaches of government and telecom networks worldwide.
White House Deputy National Security Adviser Anne Neuberger disclosed the latest breach during a press conference, spotlighting ongoing vulnerabilities within the private sector’s cybersecurity protocols.
“The reality is that China is targeting critical infrastructure in the United States. Those are private sector companies, and we still see companies not doing the basics,” Neuberger said, as reported by Bloomberg. “That’s why we’re looking forward and saying, ‘Let’s lock down this infrastructure.’ And frankly, let’s hold the Chinese accountable for this.”
The discovery of this breach coincides with new guidance from the Biden administration aimed at helping organizations identify and mitigate Chinese cyberactivity. Neuberger reassured reporters that “at this time, we don’t believe any classified communications have been compromised.”
CISA calls for encryption
Despite the measures underway, challenges remain. A senior official from the Cybersecurity and Infrastructure Security Agency (CISA) acknowledged the agency cannot confirm whether Salt Typhoon has been fully removed from the affected systems.
In response, CISA has urged government officials to transition to encrypted messaging platforms, such as Signal, to reduce the risk of interception. The agency has also issued technical guidelines for telecom operators to strengthen their defenses against the group’s known tactics.
Escalating US countermeasures
The Biden administration is ramping up actions against Chinese entities linked to cybersecurity threats. According to The New York Times, the U.S. government plans to shut down the remaining operations of China Telecom within the country. Investigations into TP-Link routers are also underway, with potential restrictions expected next year if security concerns are validated.
Additionally, legislative and regulatory initiatives are being introduced to reinforce America’s telecommunications defenses. Sen. Ron Wyden announced his intention to propose a bill aimed at securing U.S. networks. Meanwhile, Federal Communications Commission Chairwoman Jessica Rosenworcel has vowed to act “urgently” to mandate stronger protections for telecom carriers.
The coordinated efforts underscore the urgency of addressing vulnerabilities as cyber threats from China continue to pose risks to critical U.S. infrastructure.
