Following recent cyberattacks from intrusion groups, AT&T and Verizon have announced that their systems have successfully recovered and are now functioning securely. In separate statements provided to Reuters and Bloomberg, both telecom giants indicated they cooperated with law enforcement to minimize the impact of these state-sponsored threats linked to espionage efforts.
According to federal authorities, at least nine telecom companies have been victimized by attacks from Salt Typhoon, a cyberespionage entity associated with China. While the complete scope of the assault on AT&T and Verizon has not yet been disclosed, it appears the attack was specifically aimed at sensitive information.
The FBI and CISA confirmed the intrusion attempts against U.S. telecommunications infrastructure in October. Reports indicated that Verizon was specifically targeted, with individuals like Donald Trump and Senator JD Vance possibly being on the hackers’ radar, according to BBC.
Earlier in September, The Wall Street Journal reported incursions into broadband networks by state-affiliated actors, who aimed to gain covert access to the infrastructure and sensitive data. Soon after, the publication revealed that investigations had been initiated into the attacks affecting not only Verizon and AT&T but also Lumen, linked to the Salt Typhoon group.
According to a recent statement, “The hackers may have potentially compromised U.S. government surveillance of Chinese threats, including the FBI’s investigations,” revealing the extent of the national security concern. In a separate statement to Bloomberg, AT&T acknowledged that the threat actors sought crucial foreign intelligence.
This month, the Cybersecurity and Infrastructure Security Agency (CISA) issued a comprehensive set of mobile communication safety guidelines aimed at senior government officials and other high-profile individuals, in response to these cyber espionage activities.
Verizon also informed Bloomberg that a small number of high-profile figures in government and politics were specifically targeted during these attacks. As of now, both carriers assure that their systems are free from state-sponsored threat activities.
Microsoft, collaborating with officials on the recent attacks, has reported that the Salt Typhoon threat is traced back to China and is also referred to as GhostEmperor and FamousSparrow. The tech giant has previously contended with a similar operation, Silk Typhoon, which targeted sectors like healthcare, law firms, educational institutions, defense contractors, think tanks, and NGOs in the U.S. and abroad.
It’s worth noting that AT&T’s challenges are not new for 2024. Earlier this year, the company confirmed a significant data leak affecting over 7 million active accounts and more than 65 million former subscribers. Not long after, they reported that customer data, including messages and call logs, was also compromised through a third-party cloud service.
