China-Backed Cyberattack Among Most Significant in US History, Sen. Warner Says

A cyberattack reported in October perpetrated by the Chinese state-backed Salt Typhoon threat group is one of the largest in history.

FAIRFAX COUNTY, Va.—A cyberattack perpetrated by Chinese state-backed actors and revealed in October was one of the largest and most significant in U.S. history, according to the top Senate intelligence leader.

Sen. Mark Warner (D-Va.), who chairs the Senate Select Committee on Intelligence, told The Epoch Times that the hack conducted by the Salt Typhoon threat group was “unprecedented in its size and scope.”

“I think it will go down as maybe one of the most significant cyberattacks we’ve faced in our country,” Warner said on Nov. 4.

Salt Typhoon’s cyberattack is believed to have compromised numerous major telecommunications networks, including those of AT&T, CenturyLink, and Verizon. The attack targeted companies and individuals, including former President Donald Trump and Vice President Kamala Harris.

Trump’s running mate, Sen. JD Vance (R-Ohio), said during an episode of the “The Joe Rogan Experience” podcast on Oct. 31 that his phone was compromised by the attack.

Vance added that most of his messages were encrypted using third-party apps such as Signal, and he did not believe the hackers were able to obtain his personal communications.

Though China, Iran, and Russia have all engaged in malicious cyber activity against the United States in order to interfere in the 2024 presidential election, Warner said that the Salt Typhoon attack “did not have election interference as its goal.”

Instead, the attack was long ongoing and appeared to be conducted for espionage purposes, raising questions about the risk posed by the United States’ lax cybersecurity standards for telecommunications infrastructure.

“It has been, unfortunately, going on for some time,” Warner said. “I believe it begs the fact that we do not have any minimum cybersecurity within our telecom section.”

Mentioning his telecom business background, Warner added that “those minimum cyber standards and telecom will be a top legislative agenda” following the breach.The apparent scope and severity of the Salt Typhoon attack raises questions about the security of the telecommunications infrastructure used by most Americans every day and how a foreign power could come to infiltrate it.

Some reports have suggested that Salt Typhoon gained access to the systems by infiltrating the infrastructure, which allows court-authorized wiretapping of U.S. citizens by law enforcement and intelligence agencies, according to an October report by the Congressional Research Service.

In line with this, Vance said that the China-based hackers responsible for compromising his phone used back-end infrastructure originally created to accommodate the Patriot Act and FISA Section 702.

The Epoch Times could not independently verify those allegations. The Cybersecurity and Infrastructure Security Agency and the FBI declined to comment on the matter.

The breach is just one part of the Chinese communist regime’s sweeping effort to infiltrate and destabilize U.S. systems and is evidence that the United States is failing to defend its systems from foreign interference.

The “Typhoon” moniker was created by Microsoft and subsequently adopted by the U.S. government. It is also used to refer to Chinese state-sponsored threat actors.

Salt Typhoon is just one such entity that has found success in recent months.

Others include Volt Typhoon and Flax Typhoon, both of which target U.S. and allied critical infrastructure for the purpose of preparing sabotage in the event of a major armed conflict between the United States and China.

FBI Director Christopher Wray has previously testified that the United States is particularly vulnerable to such attacks because of its reliance on the relatively unregulated internet systems of the private sector and the fact that Chinese hackers outnumber FBI cybersecurity personnel “50 to one.”

Salt Typhoon, meanwhile, appears to have targeted U.S. telecommunications infrastructure en masse with the goal of exfiltrating data for espionage purposes.

John Cohen, executive director at the Center for Internet Security think tank, told The Epoch Times that threat actors such as Salt Typhoon will use their ill-gotten access to information and communications systems to steal sensitive information for use in future malign information operations.

“These attackers are looking for sensitive data that they can use to embarrass or undermine the credibility of the target, or to create a veil of legitimacy for conspiracy theories or other manufactured content so that it appears more believable,” Cohen said.

Cohen added that the Chinese regime’s ultimate goal in targeting the government, academia, and private sector entities was to secure “economic and geopolitical superiority over the United States.”

To that end, he noted that the regime’s cyberattacks did not appear to target one political party or the other but were instead intended to “undermine confidence in the current U.S. government and its policies” in order to replace officials and policies with those “more favorable to [its] geo-political interests.”

“Though they use similar playbooks to guide their malign information operations, the objectives of Russia, China, Iran, and North Korea can differ,” Cohen said.

Likewise, Warner said that the Chinese regime was focused on undermining anyone with “strong records against China,” whereas Russia and Iran were actively seeking to influence the outcome of the 2024 presidential election.

“At the end of the day, the biggest concern they all have is to undermine our trust in our democracy,” Warner said.

 

Read More