The White House has formed an emergency team to deal with China's espionage hack
At least three major companies have been breached: AT&T, Verizon and Lumen. All declined to comment.
The US government, companies and security agencies helping to investigate the intrusion still don't know how the attacker first got into the companies' networks. The lack of an obvious entry point makes it difficult to root out an attacker, multiple people familiar with the matter said.
“It's a sophisticated actor, and you need sophisticated ways to do it,” one person said. “The offense is better than the defense. … This appears to be an elaborate intelligence operation, and it is one [the government is] determined to address.”
The White House on Tuesday convened a meeting of undersecretaries from key agencies to form what is known as the “Integrated Coordination Group.” The group's role is to ensure consistent inter-agency visibility into feedback by the FBI, the Office of the Director of National Intelligence, and the Department of Homeland Security's Cybersecurity and Information Security Agency (CISA).
The FBI, White House National Security Council and CISA declined to comment on ongoing investigations.
A similar coordination group was formed to address the Chinese breach of Microsoft Exchange servers in early 2021, and before that, the Russian SolarWinds compromise that enabled the breach of nine federal agencies, though not the Pentagon, officials said at the time.
Investigators are still working to understand the scope and nature of the compromise and what the hackers accessed or exposed.
Microsoft has privately blamed the breach on a group known as Salt Typhoon, US officials said. Microsoft discovered some intrusions last month.
Whether the latest breach was actually the work of Salt Typhoon — believed by U.S. intelligence to be an arm of the Ministry of State Security, China's foreign spy service — remains uncertain, officials say privately.
But a US official said that whether it proved to be the work of a Chinese security agency or contractor, the signs point to a breach conducted by or linked to the Chinese government for purposes of espionage or counter-espionage.
A U.S. official told The Washington Post last week that “there are some indications” that the systems for federal wiretap requests to telecommunications providers were targeted. However, investigators “still don't have 100 percent proof that they were compromised,” said the person familiar with the matter.
On Thursday, leaders of the House Select Committee on the Chinese Communist Party wrote to the chief executives of the three companies asking for a closed-door briefing about the breach, including what specific measures the companies are taking to protect federal wiretap requests.
If China's state-sponsored hackers gained access to information about federal requests for wiretaps, it would be “a golden opportunity” to thwart U.S. efforts to gather intelligence on Chinese government activities, a former U.S. intelligence official told The Post. That would enable adversaries to understand who the U.S. government is interested in and undermine surveillance efforts, the former official said.