US telecoms giants AT&T and Verizon said they had secured their networks after being targeted linked to China. Salt typhoon Cyber Intelligence Group.
In a statement to TechCrunch on Monday, AT&T spokesman Alexander Byers said the company “does not see any activity by nation-state actors on our networks at this time.”
Verizon spokesman Richard Young told TechCrunch in an email that the organization “maintains a cyber incident caused by this nation-state threat actor” and has not seen any threat actor activity on its network for some time. ”
Verizon's incident was confirmed by a “highly respected cybersecurity firm,” the company said, but Young declined to name the third party.
The extent of these Salt Typhoon violations is unknown. AT&T said China-backed hackers targeted “a small number of foreign intelligence interests” and was aware of “a few instances” of individuals' information being compromised. .
Verizon said the hackers specifically targeted “a small number of high-profile customers within the government.”
“Immediately upon learning of this incident, Verizon contacted federal law enforcement and national security agencies; “We have taken several key actions to protect our customers and our network, including partnering with industry partners and private cybersecurity firms,” said Vandana Venkatesh, Verizon's chief general officer. In the statement. “After taking considerable time to address this incident, we can report that Verizon is taking action related to this incident.”
This is the first acknowledgment that AT&T and Verizon have been affected by the Salt Typhoon campaign. It first emerged in October that hackers had compromised the networks of some of the largest US phone and internet companies to gather intelligence on US citizens.
US officials said earlier this month that at least eight telecommunications providers, including Lumen (formerly CenturyLink) and T-Mobile, were targeted. On Friday, Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said a ninth victim had been identified. Reuters.
Neuberger, who did not name the newly identified victim, said one of the nine telecoms breached involved an administrator account with access to more than 100,000 routers.
Updated with comment from AT&T.