Getty ImagesUS officials say hackers linked to the Chinese government are responsible for security breaches at major telecommunications companies and US agencies.
The latest hack, announced on Monday, directed at the US Treasury Department, which called the hack a “major incident.”
Officials said the hackers were able to gain access to employees' workstations and some unclassified documents. China denies involvement.
It is the latest in a series of cyberattacks that have emerged in recent months against the US and other Western targets.
What is hacked?
The Treasury Department hack followed news in late October that the two major US presidential campaigns had been targeted.
The FBI and the Cybersecurity and Infrastructure Security Agency (Cisa) said the hack targeting the White House campaigns was carried out “by actors associated with the People's Republic of China.”
In September, there were reports of an operation that managed to breach the security of leading telecommunications companies.
The White House recently announced that at least nine companies had been hacked, including telecommunications giants AT&T and Verizon.
And earlier in the year, in March, seven Chinese nationals were charged with carrying out a hacking operation which lasted at least 14 years and targeted foreign critics of China, business and politicians.
Operations linked by Western governments to China also targeted the UK Electoral Commission and the parliaments of the UK and New Zealand.
Who are the hackers?
Although the full details have not yet been revealed, the hacks appear to be the work of several different units — each, US officials say, linked to the Chinese state.
Hacker groups are given nicknames by security firms. For example, the group behind the telecom hack is best known as Salt Typhoon, the name given to it by researchers at Microsoft. Other firms have named it Famous Sparrow, Ghost Emperor and Earth Estrie.
Salt Typhoon is believed to be behind the telecom hack. A separate group called Volt Typhoon, has been accused of infiltrating critical infrastructure organizations for potential disruption attacks.
The seven Chinese nationals accused of hacking were linked by US Justice Department officials to an operation known as Zirconium or Judgment Panda.
The UK's National Cyber Security Center says the same operation targeted British parliamentarians' emails in 2021.
What was collected during the hacks?
ReutersRecent hacks appear to have targeted influencers and gathering data that could benefit the Chinese government.
Among others, they targeted the phones of President-elect Donald Trump, Vice President-elect JD Vance, and people working for Vice President Kamala Harris' campaign.
Hackers also gained access to a database of phone numbers tapped by law enforcement — information that experts say could be used to discover which foreign spies are under surveillance.
And the data of millions of Americans may have been compromised by the attacks on telecommunications companies.
Richard Forneau, assistant director of the University of Maryland, Baltimore County Cybersecurity Institute, said China's efforts are aimed at different goals.
“It's more general information gathering, let's see what we can get into and see what we can find,” he said.
How worried are US officials?
US lawmakers from both parties have expressed concern about the hacks.
Sen. Mark Warner, a Democrat, called Salt Typhoon's activities “the worst telecommunications hack in our nation's history.”
Brendan Carr, Trump's pick to chair the Federal Communications Commission, said an intelligence briefing on the hack was “deeply, deeply troubling.”
“The information I heard made me want to smash my phone at the end of it,” he told CNBC.
FBI Director Christopher Wray recently said the Salt Typhoon hacking of telecommunications companies was “the most significant cyberespionage campaign in China's history.”
He previously said China's hacking program was bigger “than that of every other major nation combined.”
EPAHow did the Western Allies react?
In addition to the charges brought against the seven Chinese nationals, US authorities earlier this month warned China Telecom Americas, the US subsidiary of one of China's largest communications companies, that it was a national security threat.
The company has 30 days to respond and could eventually face a ban.
in may The UK fined two individuals and Wuhan Xiaoruizhi Science and Technology Company Ltdwhich is said to be related to Judgment Panda.
Trump's incoming national security adviser Mike Waltz said foreign hackers should face “greater costs and consequences.”
Mr. Forneau of the UMBC Cybersecurity Institute said the hacks were likely years in the making.
“China has traditionally taken a very long and strategic view of how it conducts its espionage and intelligence operations,” he said. “The US tends to be much more reactive and much more interested in immediate and visible results.”
What did China say?
Chinese Foreign Ministry spokesman Mao Ning told a news briefing that the allegations were “baseless” and “lacking evidence”.
“China has consistently opposed all forms of hacking and firmly rejects the spread of false information targeting China for political purposes,” Mao said.
A Chinese embassy spokesman said in a statement: “The US should stop using cybersecurity to slander and defame China and stop spreading any kind of misinformation about so-called Chinese hacking threats.”