A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications providers.
“Identified exploitations or compromises associated with these threat actors’ activity align with existing weaknesses associated with victim infrastructure; no novel activity has been observed,” government agencies said.
U.S. officials said Tuesday that the threat actors are still lurking inside U.S. telecommunications networks about six months after an investigation into the intrusions commenced.
The attacks have been attributed to a nation-state group from China tracked as Salt Typhoon, which overlaps with activities tracked as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286. The group is known to have been active since at least 2020, with some of the artifacts developed as early as 2019.
Last week, T-Mobile acknowledged that it detected attempts made by bad actors to infiltrate its systems, but noted that no customer data was accessed.
Word of the attack campaign first broke in late September, when The Wall Street Journal reported that the hacking crew infiltrated a number of U.S. telecommunications companies as part of efforts to glean sensitive information. China has rejected the allegations.
To counter the attacks, cybersecurity and intelligence agencies have issued guidance on the best practices that can be adapted to harden enterprise networks.
“Patching vulnerable devices and services, as well as generally securing environments, will reduce opportunities for intrusion and mitigate the actors’ activity,” according to the alert.
The development comes amid escalating trade tensions between China and the U.S., with Beijing banning exports of critical minerals gallium, germanium, and antimony to America in response to the latter’s crackdown on China’s semiconductor industry.
Earlier this week, the U.S. Department of Commerce announced new restrictions that aim to limit China’s ability to produce advanced-node semiconductors that can be used in military applications, in addition to curbing exports to 140 entities.
While Chinese chip firms have since pledged to localize supply chains, industry associations in the country have warned domestic companies that U.S. chips are “no longer safe.”