Chinese government hackers have breached the networks of several major U.S. Internet service providers and may have gained access to systems used for court-authorized wiretaps of communications networks, The Wall Street Journal reported Saturday. “People familiar with the matter” told the WSJ that hackers breached the networks of companies like Verizon, AT&T and Lumen (also known as CenturyLink).
“A cyberattack linked to the Chinese government compromised the networks of numerous U.S. broadband providers and potentially accessed information from systems used by the federal government for court-authorized network tap requests,” wrote the WSJ. “According to people familiar with the matter, the hackers may have had months or more access to the network infrastructure used to cooperate with lawful U.S. requests for communications data.”
These “attackers also had access to other parts of more generic Internet traffic,” the WSJ sources said. The attack is attributed to a Chinese hacking group called Salt Typhoon.
The Washington Post reported on the hacking campaign yesterday, describing it as “a daring espionage operation likely aimed in part at discovering the Chinese targets of U.S. surveillance.” The Post report attributed the information to U.S. government officials and said an investigation by the FBI, other intelligence agencies and the Department of Homeland Security is “in its early stages.”
According to the Post report, there are indications that China's Ministry of State Security is involved in the attacks.
Verizon is reportedly cooperating with the FBI
Verizon has reportedly set up a war room at its Ashburn, Virginia facility, where it is working with personnel from the FBI, Microsoft and Google subsidiary Mandiant.