At least eight US telecommunications companies and dozens of countries have been affected this week by what a top White House official called a Chinese hacking campaign that has also raised concerns about the security of text messages.
At a press conference Wednesday, US Deputy National Security Adviser Anne Neuberger shared details about the scope of a sprawling hacking campaign that allowed officials in Beijing to access private texts and phone conversations with an unknown number of Americans.
A group of hackers known as Salt Typhoon is being blamed for the attack that targeted companies, which reportedly included AT&T, Verizon and Lumen Technologies. White House officials warned that the number of telecommunications companies and countries affected could continue to grow.
Canadian cybersecurity experts who are paying close attention to this latest breach say that some business practices and government regulations that allow intelligence agencies to access the telecommunications system are part of the problem. These experts and US law enforcement officials recommend that people take action to protect their text messages.
“The attack unfolding in the United States is a reflection of historic and ongoing vulnerabilities in telecommunications networks around the world, some of which have been exacerbated by the government,” said Kate Robertson, a lawyer and senior researcher at the University of Toronto's Citizen Lab, which studies digital threats to civil society.
Although the hack appears to have targeted American politicians and government officials, experts say regular SMS text messages, the kind offered by most wireless carriers, are not very secure as they are unencrypted.
“We're constantly bombarded with concerns about phishing and email scams and malicious links,” said security consultant Andrew Kirsch, a former intelligence officer with the Canadian Security Intelligence Service (CSIS).
“This shows that the other vulnerability is through our telecommunications, phone calls and text messages. ”
The impact on Canadian companies is not yet known
CBC News has reached out to the RCMP, the Canadian Center for Cyber Security and CSIS to ask if any of the cyberattacks affected Canadian consumers or communications companies, but have not yet received a response. .
Earlier this week the Canadian Center for Cyber Security released a joint publication with the US., Australia and New Zealand with security advice for companies such as cell phone providers on “improved visibility and hardening of communications infrastructure.”
CBC News also contacted Canada's largest cell phone providers – Bell, Rogers and Telus – to ask if their networks were targeted and breached in the same attack. Rogers and Telus did not respond before publication.
Bell said it was aware of a “highly sophisticated” attack in the US and was working with government partners and other telecommunications companies “to mitigate any potential security incidents throughout identify our networks. “
The telecommunications company says it has not seen any evidence of an attack, but continues to “investigate and monitor.”
How these attacks happen
Robertson explained that these attacks are possible in part because governments have “prioritized the goal of monitoring the security of the entire network of users.” “
She says security researchers have long warned that the legal “back doors” used by governments to monitor crime and spying over landlines and mobile phones can to be “used by unwelcome actors,” leaving entire networks of users exposed.
Her colleague at Citizen Lab, Gary Miller, especially threatens mobile networks and says that the connections between different companies and countries in terms of communication networks are another weakness.
For example, he said that making an international phone call from point A to point B requires an interconnection between network operators, as does international movement with mobile phones.
“And the need to… open up these networks to ensure a seamless user experience leads to a certain vulnerability. ”
He says that as the networks become faster and more reliable, they have also become more secure, but he notes that the security standards for the telecommunications industry are not required by law is strong enough.
“There's no accountability, you know, for these types of security and incidents,” he said. “And that's really what needs to happen.”
Concerns about the safety of texts
As a result of this hack, concerns about the security of text messages have emerged.
The FBI has said that those with Android and Apple devices can continue to send texts to users who have the same devices because they have secure messaging systems built in.
However, the bureau warned against Apple users sending messages to Android users or vice versa, and instead encouraged users to send text messages through a third-party app that provides end-to-end encryption -end.
Robertson and Miller recommend that people install these messaging apps – such as Signal or Whatsapp – on their phones and use them all the time.
Robertson says that Signal gives users access to a “gold standard form of encryption” that is very easy to use, and noted that “very similar things can be said about WhatsApp”.
Miller says he prefers Signal because it is a non-profit, while WhatsApp is owned by Meta.
Kirsh says that if people are using regular text messages, he recommends that they don't write any message that they wouldn't “postcard and physically mail” because “once you send that information – out in the world, you have lost control of it. .”
China's political ambition and power
In November, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a a joint statement confirms a “widespread and significant cyber espionage campaign,” targeting the US
Stephanie Carvin, an associate professor at Carleton University and a former national security analyst, says the hack shows just how large and well-funded Chinese espionage operations are on the side. the West.
“When you hear about an attack like this there's no single target,” Carvin told CBC News. “With this data, (China) can do a lot of specific things in terms of targeting, but (it) can identify general patterns.” development that will help operations down the road.”
According to Neuberger, the deputy national security adviser, the Salt Typhoon hackers were able to access the communications of senior US government officials, but during a call with reporters, she said she did not believe the communications were recorded. any risk.
Neuberger said that affected companies are all responding, but have not stopped the hackers from gaining access to the networks.
“So there is a risk of continued compromise on communications until US companies address the cybersecurity gaps,” she said.
A spokesperson with the Chinese Embassy in Washington denied that the country was behind the hacking campaign.
“The US must stop its own cyberattacks against other countries and stop using cybersecurity to smear and criticize China,” Liu Pengyu said.
Source link
