What to know about the series of US hacks blamed on China

US officials say hackers linked to the Chinese government are responsible for breaching the security of major telecommunications companies and US agencies.

The latest hack was announced on Monday, It took aim at the US Treasury Department, which described the intrusion as a “major incident”.

Officials said the hackers were able to access employees’ workplaces and some declassified documents. China denies involvement.

It is the latest in a series of cyber attacks that have emerged against US and other Western targets in recent months.

The Treasury Department hack followed the news in late October that two major US presidential campaigns had been targeted.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said the hack targeting White House campaigns was carried out “by actors associated with the People’s Republic of China.”

In September, reports emerged of an operation that managed to breach the security of top telecom companies.

The White House recently said that at least nine companies, including telecom giants AT&T and Verizon, had been hacked.

And at the beginning of the year, in March, Seven Chinese nationals were accused of running a hacking operation Which lasted for at least 14 years and targeted foreign critics of China, businesses and politicians.

China-linked operations by Western governments have also targeted the UK Electoral Commission and the UK and New Zealand parliaments.

Although full details have not yet been revealed, the hack appears to be the work of several different entities – US officials say each entity is linked to the Chinese state.

Nicknames are given to hacking groups by security firms. For example, the group behind the telecom hack is commonly known as Salt Typhoon, a name given to it by Microsoft researchers. Other companies have named it Famous Sparrow, Ghost Emperor and Earth’s Astrology.

Salt Typhoon is believed to be behind the telecom hack. A separate group, nicknamed Volt Typhoon, Potential disruption attacks have been accused of breaking into critical infrastructure organizations,

Seven Chinese nationals charged with hacking were linked by US Justice Department officials to an operation called Zirconium or Judgment Panda.

The UK’s National Cyber ​​Security Center says the same operation targeted the emails of UK MPs in 2021.

The most recent hack appears to be aimed at gathering powerful individuals and data that could benefit the Chinese government.

They targeted the phones of people working for the campaigns of President-elect Donald Trump, Vice President-elect J.D. Vance, and Vice President Kamala Harris, among others.

Hackers have also accessed databases of phone numbers subject to law enforcement wiretaps – experts say this knowledge can be used to find out which foreign spies are under surveillance.

And attacks on telecom companies could compromise the data of millions of Americans.

Richard Forno, assistant director of the University of Maryland, Baltimore County Cybersecurity Institute, said Chinese efforts are being directed at a variety of targets.

“It’s more general information gathering, let’s see what we can get, and see what we can find,” he said.

US lawmakers from both parties have expressed concern about the hack.

Democrat Senator Mark Warner called Salt Typhoon’s activities “the worst telecommunications hack in the history of our country.”

Brendan Carr, Trump’s pick to chair the Federal Communications Commission, said an intelligence briefing about the hack was “deeply, deeply concerning.”

“The end of the information that I heard made me basically want to break my phone,” he told CNBC.

FBI Director Christopher Wray recently said that Salt Typhoon’s hacking of telecom companies was China’s “most significant cyber-espionage campaign in history.”

He previously said that China’s hacking program is larger “compared to all other major countries”.

In addition to the charges against seven Chinese nationals, US officials earlier this month warned China Telecom US, the US subsidiary of one of China’s largest communications companies, that it was a national security threat.

The company has 30 days to respond and could ultimately face sanctions.

in may, UK sanctions two individuals and Wuhan Xiaoruizi Science & Technology Co., Ltd.About which he said that this judgment is related to Panda.

Trump’s incoming national security adviser Mike Waltz has said that foreign hackers will face “high costs and consequences.”

Mr. Forno of the UMBC Cybersecurity Institute said the hack probably took years to develop.

“China traditionally takes a very long and strategic view of how it conducts its espionage and intelligence operations,” he said. “The US is more responsive and more interested in immediate and visible results.”

China’s Foreign Ministry spokesman Mao Ning said at a news briefing that the allegations were “baseless” and “lacking evidence”.

Mao said, “China steadfastly opposes all forms of hacking and firmly rejects the spread of disinformation targeting China for political purposes.”

A Chinese embassy spokesperson said in a statement: “The United States must stop using cybersecurity to defame and defame China and stop spreading all kinds of misinformation about so-called Chinese hacking threats.”