Encrypted apps urged by lawmakers amid major Chinese telecom breach



U.S. officials are imploring individuals and companies alike to use encrypted messaging apps in order to minimize the chances of the communist Chinese regime intercepting their communications.

The recommendations coincide with the confirmation by a top U.S. security official this week of a historic state-sponsored hacking campaign that compromised at least eight American telecommunications companies, including AT&T, T-Mobile, and Verizon.

Microsoft dubbed the Chinese group responsible Salt Typhoon. Salt Typhoon, which has been active since at least 2020, is also occasionally referred to as GhostEmperor, Earth Estries, UNC2286 or FamousSparrow.

The Wall Street Journal first reported on the Salt Typhoon attack in September, noting that the hackers penetrated numerous broadband providers earlier this year, affording them a foothold within the broadband infrastructure with which to access private data and possibly launch a ruinous cyberattack.

While exponents of the Chinese regime have repeatedly denied its role in the attack, American officials aren't buying what they are selling.

'Encryption is your friend.'

The Cybersecurity and Infrastructure Security Agency and the FBI issued a joint statement last month indicating that the U.S. government's "continued investigation into the People's Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign."

"Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders," said the agencies.

Rep. Jake Auchincloss (D-Mass.) stated on Nov. 29, "Salt Typhoon is the worst telecom hack in American history, and demands both a proportionate response to the Chinese Communist Party and increased accountability for U.S. corporations to prevent these intrusions."

Auchincloss suggested to CNN that the hackers were especially brazen, re-asserting themselves in the networks after being discovered.

An unnamed senior FBI official and Jeff Greene, executive assistant director for cybersecurity at CISA, told NBC News Tuesday that Americans should use encrypted messaging apps.

"Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible," said Greene.

"People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant" multi-factor authentication for email, social media and collaboration tool accounts, said the FBI official.

Greene indicated the networks remained compromised and that intelligence agencies cannot presently "predict a time frame on when we'll have full eviction."

The FBI, CISA, and the National Security Agency published a joint guide Wednesday, titled "Enhanced Visibility and Hardening Guidance for Communications Infrastructure," detailing ways that network engineers and "defenders of communications infrastructure" can harden their network devices against further exploitation by Chinese hackers.

"The PRC-affiliated cyber activity poses a serious threat to critical infrastructure, government agencies, and businesses. This guide will help telecommunications and other organizations detect and prevent compromises by the PRC and other cyber actors," Greene said in a statement.

'It should never have happened.'

The Biden White House's deputy national security adviser, Anne Neuberger, told reporters this week that none of the impacted companies have "fully removed the Chinese actors from these networks," reported the Associated Press.

"So there is a risk of ongoing compromises to communications until U.S. companies address the cybersecurity gaps the Chinese are likely to maintain their access," added Neuberger.

Neuberger added, "We don't believe any classified communications has been compromised."

After intelligence officials briefed members of the U.S. Senate Wednesday, Sen. Rick Scott (R-Fla.) reportedly expressed frustration, noting, "They have not told us why they didn't catch it; what they could have done to prevent it."

Sen. Richard Blumenthal (D-Conn.) said, "The extent and depth and breadth of Chinese hacking is absolutely mind-boggling — that we would permit as much as has happened in just the last year is terrifying," reported Reuters.

The Federal Communications Commission announced Thursday that it is "taking decisive steps to address vulnerabilities in U.S. telecommunications networks following the Salt Typhoon cyberattack, a sophisticated intrusion linked to foreign state-sponsored actors. These measures aim to safeguard critical communications infrastructure and ensure national security, public safety, and economic resilience in the future."

FCC commissioner Brendan Carr tweeted, "The Salt Typhoon intrusion is a serious and unacceptable risk to our national security. It should never have happened. I will be working with national security agencies through the transition and next year in an effort to root out the threat and secure our networks."

Feds Charge 3 Iranian Military Members for Hacking Trump Campaign in ‘Wide-Ranging’ Cyber Scheme

U.S. federal prosecutors charged three members of Iran’s Islamic Revolutionary Guard Corps for targeting Republican nominee Donald Trump’s presidential campaign in a "wide-ranging" hacking scheme, according to an indictment unsealed Friday.

Hackers find vulnerabilities in voting machines — but officials say there's no time to fix them by Election Day



Participants at the Voting Village event at the 2024 DEF CON Hacking Conference in Las Vegas were able to uncover vulnerabilities in various voting machines, e-poll books, and other equipment used in elections across America — but officials say they do not have enough time to address these issues before Election Day in November.

As it has for nearly a decade, the DEF CON conference featured a Voting Village event that permitted some of the world's most skilled hackers to take their best shot at finding vulnerabilities in election-related equipment, including different sorts of voting machines, most of which are used in at least one jurisdiction in America, Politico reported.

'Even if you find a vulnerability next week in a piece of modern equipment that’s deployed in the field, there’s a challenge in getting the patch and getting the fix out to the state and local elections officials and onto the equipment before the November election.'

The event drew significant interest, and hackers stood in long lines to attempt to circumvent firewalls and other security tools meant to deter cybercriminals.

They also had to go out of their way to participate since Village Vote was held in an isolated area away from the main floor this year after some online users leveled threats and accused the event of undermining democracy.

According to Voting Village co-founder Harri Hursti, the list of security vulnerabilities discovered this year spanned "multiple pages," though he added that the total number of vulnerabilities was about average for Village Vote events.

The good news is that security vulnerabilities can often be fixed. The bad news is that the repair process takes time, and the 2024 election is only about 12 weeks away.

"Even if you find a vulnerability next week in a piece of modern equipment that’s deployed in the field, there’s a challenge in getting the patch and getting the fix out to the state and local elections officials and onto the equipment before the November election," explained Scott Algeier, executive director of the Information Technology-Information Sharing and Analysis Center.

"It’s not a 90-day fix," he continued.

Catherine Terranova, executive director of Voting Village, likewise doubted that anything could be done before November.

"As far as time goes, it is hard to make any real, major, systemic changes, but especially 90 days out from the election," she said. "It's particularly troubling during an election year like this."

The truncated timeframe is not the only problem. Hursti also expressed concerns about foreign adversaries.

"We are here only for two and a half days, and we find stuff," he said. "It would be stupid to assume that the adversaries don’t have absolute access to everything."

"If you don’t think this kind of place is running 24/7 in China, Russia, you’re kidding yourselves."

Politico reported that secretaries of state and other election officials attended the event, a sign that they are aware of potential problems with voting machines. However, these officials spent much of their time at the conference giving "talks on misinformation and disinformation threats facing the upcoming election," the outlet claimed.

"There’s so much basic stuff that should be happening and is not happening," Hursti claimed. "So yes, I’m worried about things not being fixed, but they haven’t been fixed for a long time, and I’m also angry about it."

Village Vote may be doing important work, drawing attention to vulnerabilities in American voting machines, but there are indications it may have a left-leaning political ideology.

For one thing, the main page of its website features the tagline "It takes a village to preserve democracy," seemingly adopting a phrase from Hillary Clinton, who penned a book entitled "It Takes a Village."

The social media accounts of some of its leaders likewise indicate that they harbor liberal opinions.

Chair of the board Matt Blaze proudly lists his preferred pronouns in his X bio.

An account believed to be run by secretary of the board David Jefferson retweeted a number of liberal messages and memes. One particularly disturbing meme retweeted by the account regurgitates the most extreme talking points of abortion supporters, including that pro-life advocates are "monitoring ... period apps."

Blaze News reached out to Village Vote to inquire about its apparent political biases but did not receive a response.

ROOKE: Five-Alarm Fire Ignited At Voting Machine Conference, And There’s Nothing Americans Can Do To Stop It

'Voting is the only option for Americans who do not want the American dream to die'

'Nearly all' AT&T customers' data stolen in huge breach



AT&T issued a Friday press release that stated "nearly all" of its customers' call and text records were stolen in a massive data breach.

According to the telecommunication company, the sensitive information was "illegally downloaded from our workspace on a third-party cloud platform." It noted that it has launched an investigation into the incident, partnering with "leading cybersecurity experts to understand the nature and scope of the criminal activity."

'Incredibly sensitive pieces of personal information.'

AT&T said that it believes at least one individual involved in the breach has already been apprehended by law enforcement, but it continues to work with authorities to arrest all of those responsible and "close off the illegal access point."

The company's investigation has so far determined that the hackers swiped the call and text records of "nearly all of AT&T's cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T's wireless network, as well as AT&T's landline customers who interacted with those cellular numbers between May 1, 2022 - October 31, 2022."

"The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included," AT&T shared in its press release.

The company noted that the stolen data does not include the content of its customers' calls or texts. Hackers also did not obtain any personally identifiable information, including Social Security numbers or dates of birth. Additionally, the data breach did not include usage details, such as call and text time stamps, it noted.

"While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number," AT&T added. "At this time, we do not believe that the data is publicly available."

According to a May Securities and Exchange Commission filing, the telecommunications company learned about the data breach on April 19, 2024, stating that a "threat actor claimed to have unlawfully accessed and copied AT&T call logs."

The SEC filing stated that the Department of Justice previously advised AT&T to "delay" informing the public about the discovery, pursuant to Item 1.05(c) of Form 8-K.

NBC News reported that the DOJ and the FBI are working with AT&T to investigate the incident. The Federal Communications Commission launched its own investigation.

Thomas Rid, a professor of strategic studies and the director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University, told the news outlet, "If you have somebody's metadata, you know when they go to work, where they go to work, where they sleep every night."

In a statement to NBC News, John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab, said, "These are incredibly sensitive pieces of personal information and, when taken together at the scale of information that appears to be included in this AT&T breach, they present a massive NSA-like window into Americans' activity."

US Sanctions Iranian Cyber Army and Militant Groups That Have Kidnapped Americans

The Biden administration on Tuesday issued a bevy of new sanctions on Iran's army of cyberterrorists, as well as several militant groups that are attempting to kidnap Americans abroad.

The post US Sanctions Iranian Cyber Army and Militant Groups That Have Kidnapped Americans appeared first on Washington Free Beacon.

Nationwide Ransomware Attack Exposes The Problem With Health Care Monopolies

The hacking of a UnitedHealth affiliate is a symptom of consolidation within the health care sector, and it's likely to get even worse.

How Bad Was The D.C. ‘Voter Records’ Hack? Election Officials Enlist Feds Because They Still Don’t Know

D.C. and federal authorities have launched an inquiry into an alleged hack of voter records maintained by the D.C. Elections Board.