Senior national security official said the United States looks to ‘lock down’ telecom infrastructure with stricter cybersecurity rules.
The White House has identified a ninth U.S. telecom network that Chinese state hackers have compromised in a sweeping intrusion, a senior official said on Dec. 27, as authorities take steps to prevent similar cases of cyberespionage and hold the cyberattackers liable for their actions.
Anne Neuberger, deputy national security adviser for cyber and emerging technology, revealed the new information in a press briefing as officials continue to assess the scope of the cybersecurity breach from China’s state-backed Salt Typhoon hacking group, which has carried out a wide-ranging espionage campaign since 2022.
The hacking operation has affected major telecommunications companies and dozens of nations, with Verizon, AT&T, and CenturyLink among the targets. Officials said in early December that these hackers are still embedded in U.S. infrastructure.
Neuberger said in an earlier conference that the hackers had focused on “very senior” American political figures and stolen vast troves of American data. She said on Friday that they still don’t have a good sense of the total scope of the breach.
“Our understanding is that a large number of individuals were geolocated in the Washington DC, Virginia area,” she said.
Only a fraction of them had their communications affected, Neuberger said, as the hackers are more interested in eavesdropping on U.S. government officials.
“The scale we’re talking about is far larger on the geolocation, probably less than 100 on the actual individuals,” she said.
As officials scramble to understand the impact of the Chinese cyber intrusion, they have also begun a multi-agency effort to fortify U.S. infrastructure against such operations.
Shortly after the briefing, the Justice Department issued a final rule naming China, Cuba, Iran, North Korea, Russia, and Venezuela as countries of concern over their ambitions to exploit sensitive U.S. personal and government-related data in bulk. Under the rule, certain individuals and groups whom authorities deemed threat actors are barred from transactions involving six types of U.S. data: certain personal identifiers such as social security numbers or government identification numbers, precise geolocation data, biometric identifiers, human genetic or molecular data, personal health data, and personal financial data.
By Eva Fu