WASHINGTON — A White House official said Friday the U.S. identified a ninth telecommunications company impacted by a wide-ranging Chinese espionage effort and that further steps are planned to curb cyberattacks from Beijing.
Anne Neuberger, the U.S. deputy national security advisor for cyber and emerging technology, told reporters on a call that the unnamed telecom was added to the list after the U.S. government shared guidance on how to detect and defend against the operation. Officials have previously alleged that the attackers targeted Verizon, AT&T, Lumen and others.
As the Biden administration learns about the scope and scale of the so-called Salt Typhoon breach that it attributed to China, officials are laying the blame on companies that were slow to identify the attack.
“The reality is that China is targeting critical infrastructure in the United States. Those are private sector companies, and we still see companies not doing the basics,” Neuberger told reporters Friday.
“That’s why we’re looking forward and saying ‘Let’s lock down this infrastructure,’” she added. “And frankly, let’s hold the Chinese accountable for this.”
Ban of China Telecom
The Commerce Department this month moved ahead with a ban of China Telecom and, according to Neuberger, similar actions will be released in the next month.
Chinese officials have previously described the allegations as disinformation and said Beijing “firmly opposes and combats cyber attacks and cyber theft in all forms.”
Sen. Ben Ray Lujan, a Democrat from New Mexico, called Salt Typhoon the “largest telecommunications hack in our nation’s history” during a Dec. 11 hearing, while Texas Republican Sen. Ted Cruz said the U.S. “must plug any vulnerabilities in communications networks.”
Salt Typhoon is the name given to the hacking group behind the attacks. Microsoft Corp. assigns cyberthreat actors different names, to better identify and reference incidents, with the moniker “typhoon” used for activity originating from or attributed to China.
Administrator account breached
Neuberger said one of the nine telecoms breached involved an administrator account that had access to over 100,000 routers.
“So when the Chinese compromised that account, they gained that kind of broad access across the network. That’s not meaningful cybersecurity to defend against the nation-state actors,” Neuberger said.
The U.S. still doesn’t have an exact assessment of how many Americans were targeted, Neuberger said. A large number of individuals were affected by geolocating around the Washington, D.C., and Virginia area — but fewer than 100 individuals’ phone calls and texts were hacked, she said.
Officials believe the goal of the hackers was to identify who owned the phones and, if they were “government targets of interest,” spy on their texts and phone calls, she said.
The FBI said most of the people targeted by the hackers are “primarily involved in government or political activity.”
The Federal Communications Commission is voting on a rule in mid-January that would help protect America’s critical infrastructure, Neuberger said. She said the General Services Administration is reviewing government contracts to require better cybersecurity practices.
Neuberger also cited an alarming increase in the number of health-related hacks that exposed Americans’ health care information and left them vulnerable to blackmail and said that the Department of Health and Human Services will propose new rules to protect medical data.
Reuters and The Associated Press contributed to this report.
