The National Security Agency (NSA), other government agencies and some companies have reportedly begun investigating the possibility that Chinese hackers have targeted American telecommunications companies.
The investigation is in its early stages and it’s too early to say which firms may have been the focus on the hacking, NSA Director General Timothy Haugh told reporters at the Cipher Threat Conference, Bloomberg reported Monday (Oct. 7).
Liu Pengyu, a spokesperson at the Chinese embassy in Washington, told Bloomberg that China combats cyberattacks and rejects the U.S. claims.
The NSA has warned that telecommunications infrastructure is vulnerable to hacking, saying in a June 2022 advisory that Chinese hackers were seeking a foothold via bugs in devices to gain access to critical users and systems, per the report.
U.S. cyber officials have said that by burrowing into the country’s critical infrastructure, Chinese hackers aim to disrupt electricity, water and other critical services to hinder a U.S. military response during any future crisis, according to the report.
Critical infrastructure has consistently been under attack, and U.S. officials have asked a variety of companies to identify any such intrusions, per the report.
It was reported in September that a hacking campaign dubbed Salt Typhoon by investigators was targeting sensitive information and had gotten into some American internet service providers.
This hack involved an incursion into U.S. broadband networks, with cybercriminals setting up a foothold inside the network that let them access data stored by telecommunications companies or carry out cyberattacks.
“This would be an alarming — but not really surprising — expansion of their malicious use of cyber to gain the upper hand over the United States,” Glenn Gerstell, former general counsel at the NSA, told the Wall Street Journal in September.
It was reported in May that companies in the U.S. emerged as the primary targets for cyberattacks of all kinds in 2023, with the healthcare sector experiencing a doubling of attacks compared to the previous year.
Attacks on control systems for critical infrastructure are of particular concern, with a ransomware attack on the largest U.S. fuel pipeline in the U.S. in 2021 leading to major disruptions along the East Coast.