AT&T and Verizon Secure Networks After China-Linked Salt Typhoon Cyberattack
In a recent development, U.S. telecom giants AT&T and Verizon have confirmed that their networks were targeted by the China-backed Salt Typhoon cyberespionage group. However, both companies have assured customers that the incidents have been contained and their networks are now secure. This breach highlights the ongoing threats posed by nation-state actors, particularly from China, against critical U.S. infrastructure.
AT&T’s Response to the Salt Typhoon Hack
AT&T spokesperson Alexander Byers informed TechCrunch that the company has detected “no activity by nation-state actors” on its networks as of now. The telecom giant reassured customers, stating that it is continuously monitoring for any threats and has taken measures to secure its infrastructure.
The breach, according to AT&T, involved a small number of individuals who were of foreign intelligence interest. AT&T also mentioned that the information compromised in the attack was minimal, affecting only a few instances.
Verizon Addresses Cyber Incident from Salt Typhoon
Verizon, in a statement provided to TechCrunch, also confirmed that it had successfully contained the cyberattack attributed to Salt Typhoon hackers. Verizon’s spokesperson, Richard Young, emphasized that no further suspicious activities have been detected on their network since containment efforts were undertaken.
The company revealed that a “highly respected cybersecurity firm” had verified its response to the breach, though Young did not specify the name of the firm involved. Verizon’s actions were swift, involving partnerships with federal law enforcement, national security agencies, and private cybersecurity experts to mitigate the attack.
Scale and Impact of the Salt Typhoon Breach
While the full scale of the Salt Typhoon breaches remains unclear, reports suggest that the group’s efforts were primarily focused on gathering intelligence on U.S. citizens. Verizon disclosed that the hackers targeted a “small number of high-profile customers in government” to gain sensitive information.
The Salt Typhoon campaign is believed to have compromised the networks of multiple U.S. telecom providers, including Lumen (formerly CenturyLink) and T-Mobile. U.S. officials recently stated that at least nine telecom providers have been impacted by this cyberespionage campaign, which was first reported in October. The breaches are believed to have compromised administrator accounts with access to over 100,000 routers.
How Verizon and AT&T Handled the Incident
Both AT&T and Verizon have worked quickly to address the breaches and prevent further damage. Verizon’s Chief General Officer, Vandana Venkatesh, remarked, “Immediately upon learning of this incident, Verizon took several key actions to protect its customers and its network.” These actions included collaboration with federal agencies and the use of private cybersecurity firms.
This breach marks the first public acknowledgment by AT&T and Verizon that they were victims of the Salt Typhoon group, further underscoring the growing concern over cybersecurity threats targeting critical infrastructure in the U.S.
Conclusion: A Wake-Up Call for U.S. Telecom Security
The Salt Typhoon cyberespionage attack serves as a stark reminder of the vulnerabilities in the U.S. telecommunications sector and the sophisticated methods employed by nation-state hackers. While AT&T and Verizon have successfully secured their networks, the ongoing threat from cyberattacks underscores the importance of robust cybersecurity measures for telecom providers. As the threat landscape evolves, it is crucial for these companies to remain vigilant and proactive in securing their networks against future breaches.
For more information about the Salt Typhoon campaign and other telecommunications breaches, check out this Reuters article.
Image Credits: Free to use under the Unsplash License
