News: 1732540505

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

China has utterly pwned 'thousands and thousands' of devices at US telcos

(2024/11/25)


The Biden administration on Friday hosted telco execs to chat about China's recent attacks on the sector, amid revelations that US networks may need mass rebuilds to recover.

Details of the extent of China's attacks came from senator Mark R Warner, who on Thursday gave both [1]The Washington Post and [2]The New York Times insights into info he's learned in his role as chair of the Senate Intelligence Committee.

Warner told the Post "My hair is on fire" given the severity of China's attacks on US telcos. The attacks, which started well before the US election, have seen Middle Kingdom operatives establish a persistent presence – and may require the replacement of "literally thousands and thousands and thousands" of switches and routers.

[3]

The senator added that China's activities make Russia-linked incidents like the SolarWinds supply chain incident and the [4]ransomware attack on Colonial Pipeline look like "child’s play."

[5]

[6]

Warner told The Times the extent of China's activity remains unknown, and that "The barn door is still wide open, or mostly open."

The senator, a Democrat who represents Virginia, also confirmed previously known details, claming it was likely Chinese state employees could listen to phone calls – including some involving president-elect Donald Trump – perhaps by using carriers' wiretapping capabilities. He also said attackers were able to steal substantial quantities of data about calls made on networks.

[7]Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator

[8]Feds investigate China's Salt Typhoon amid campaign phone hacks

[9]China's Salt Typhoon cyber spies are deep inside US ISPs

[10]US proposes ban on Chinese, Russian connected car tech over security fears

Most of the senator's remarks confirm prior guidance [11]from the FBI and the US Cybersecurity and Infrastructure Security Agency about the activities of a Beijing-backed crew dubbed Salt Typhoon that's accused of compromising, and rummaging around inside, US telco networks for many months.

For what it's worth, China [12]claims the US makes this stuff up – but hasn't offered an alternative explanation.

[13]

The day after Warner chatted to the newspapers, the Biden administration’s national security advisor Jake Sullivan and deputy national security advisor for cyber and emerging technology Anne Neuberger met with telecom execs. According to a [14]White House readout of the chat, they used the opportunity to "share intelligence and discuss the People's Republic of China's significant cyber espionage campaign targeting the sector."

Which rather suggests there's more info about this situation that's not available to the public. ®

Get our [15]Tech Resources



[1] https://www.washingtonpost.com/national-security/2024/11/21/salt-typhoon-china-hack-telecom/

[2] https://www.nytimes.com/2024/11/21/us/politics/china-hacking-telecommunications.html

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z0StMBeb0I4Tip_FruArtQAAABY&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[4] https://www.theregister.com/2021/05/13/colonial_pipeline_ransom/

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z0StMBeb0I4Tip_FruArtQAAABY&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z0StMBeb0I4Tip_FruArtQAAABY&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[7] https://www.theregister.com/2024/11/20/musk_chinese_cyberspies/

[8] https://www.theregister.com/2024/10/28/feds_investigate_chinas_salt_typhoon/

[9] https://www.theregister.com/2024/09/25/chinas_salt_typhoon_cyber_spies/

[10] https://www.theregister.com/2024/09/23/us_ban_china_russia_car_tech/

[11] https://www.theregister.com/2024/11/14/salt_typhoon_hacked_multiple_telecom/

[12] https://www.theregister.com/2024/10/15/china_volt_typhoon_false_flag/

[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z0StMBeb0I4Tip_FruArtQAAABY&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[14] https://www.whitehouse.gov/briefing-room/statements-releases/2024/11/22/readout-of-national-security-advisor-jake-sullivans-meeting-with-executives-from-the-telecommunications-sector/

[15] https://whitepapers.theregister.com/



Hijacked elections too

Anonymous Coward

Check out shocking presidential election results in Romania. TikTok was the vehicle.

Re: Hijacked elections too

heyrick

You don't think that might have been more Russia then China?

Re: Hijacked elections too

simkin

Or, you know, democracy.

Headley_Grange

If the FCC had tried to issue federal mandates for security regulations, procurement, testing, etc., there would have outcry about government overreach with cases in the supreme court about the states' and companies' rights to manage this (==make money) without interference from the-man-from-the-government.

Doctor Syntax

may require the replacement of "literally thousands and thousands and thousands" of switches and routers.

Given that Huawei kit was supposed to have been replaced I wonder what makes these were.

Ah - I've just checked the Washington Post article: Cisco.

Blazde

Cisco share price up since Wednesday of course, they'll be selling more hardware now.

Could have gone Huawei after all. Same result but cheaper.

My hair is on fire

abend0c4

I thought that was the next step but one.

victorx

There are industries where security is mandatory, and products designed accordingly.

But if you do not set the standard for infrastructure to be resilient, then you cannot take seriously the complaints afterwards.

If you as a company double your overhead to make secure devices, yet none of your customers care (by voting with their wallet), then you as a company will incur a loss over time.

Having a reputation of producing insecure devices does not seem to harm sales either.

This is not a trivial problem either, because digital security is not something most understand. Insecure cars kill people, and will get lawsuits and reputational damage.

Yet if you sample The Register on yet another CVE >= 8 on widespread networked devices, you do wonder if anyone cares or foots the bill.

If you do not change the dynamic/payoff, do not expect the players to change.

I care, but n=1, so not that relevant.

Easily pwned Cisco kit

heyrick

Gee, whodathunkit?

Anonymous Coward

So, when are they going to hold the CEOs of these firms liable? Oh that's right, they're untouchable campaign "contributors"

The greatest griefs are those we cause ourselves.
-- Sophocles