U.S. Wiretap Systems Targeted in China-Linked Hack (msn.com)
"A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers," reports the Wall Street Journal, "potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.
"For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk." The attackers also had access to other tranches of more generic internet traffic, they said. Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.
The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said... The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn't be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach...
The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said. A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome... "It will take time to unravel how bad this is, but in the meantime it's the most significant in a long string of wake-up calls that show how the PRC has stepped up their cyber game," said Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, referring to the People's Republic of China. "If companies and governments weren't taking this seriously before, they absolutely need to now."
Three weeks ago TechCrunch also reported that the FBI "took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday."
And about that.. (Score:5, Insightful)
Now consider the call for "breaking encryption" so law enforcement can go after criminals and how that power could never be misused.
This event clearly shows what an utterly stupid idea that is.
These interfaces should be air gapped (Score:4, Insightful)
Make 'em physically show up to gain access to the switching equipment. This was how it was done with old electro-mechanical switches. A switchman had to be present in the central office to trace a call, add a pen register or tap a telephone conversation. It's too easy for someone to hack into a remote interface such as this, and it makes it too easy for the government to conduct blanket search warrants. https://www.law.cornell.edu/wex/blanket_search_warrant
Good (Score:1)
Re: (Score:2)
I have. They are the guys wiretapping everyone without a warrant so they can do parallel construction [wikipedia.org] , right?
Re: (Score:2)
I know a controversial political news guy who FIB tried to plant CP on.
Due to impeccable backup logs it was shown how a Flash exploit was used to gain access then a whole tranche of awful stuff was placed and then they did a raid citing an insider whistleblower.
They dropped the case rather than answer to it. The warrant judge did nothing.
Pure evil.
Re: (Score:2)
I'm interested to know more on this. How do you know that this is true?
Re: (Score:2)
There's no logical way for a wiretap to not violate the 4th amendment. The wire is tapped no matter who is speaking. Tell me why it should be legal for the government to listen in when a suspect's wife borrows a phone to order a pizza. These are two people that are not suspected of any crime, having a conversation. What should the penalty be to the government for violating the rights of two people not suspected of any crime? You seem to want them to just get away with it.
Re: (Score:2)
I mean.. sure it could be possible. They could get lucky and not hear any 3rd party conversations. But again, if they did, what should be the penalty for that? What is the penalty when a regular person does it? We should hold the government to a higher moral standard than we do regular people, so the penalty should be even greater than what it would be if a regular person did it. Doesn't matter if it's admissible when it involves people not even suspected of a crime. By your logic they should just record
Re: (Score:2)
If someone has a backdoor... (Score:5, Insightful)
Consumer electronics should not be used to transmit or store sensitive information. Full stop.
A solved problem, but not deployed (Score:4, Interesting)
More than two decades ago now, I was privileged to be on a team of security experts that fully defined a system for deploying legal wiretap capability in cable ISPs in a secure manner.
To the best of my knowledge, not a single ISP deployed what we defined. Instead, they listened to the marketing people from various companies that sold them proprietary equipment.
The real problem, it seemed to me then, and still seems to me, is that the people in charge of making deployment decisions really don't understand this stuff (a classic statement from one very large ISP at the time: "We don't need more security; we have firewalls") -- instead, they seem only too happy to be wined/dined/golf-gamed into deploying something that any reasonably competent security expert would recognise as, let us say, sub-optimal.
Re: (Score:2)
A wire-tap, by definition, exists to abuse the customer. Why spend more money protecting the customer? If that affects the police, that's not the telco's problem; they provided the mandated access, they didn't have to do anything else. A lack of privacy laws guarantees that.
Re: (Score:2)
The real problem, it seemed to me then, and still seems to me, is that the people in charge of making deployment decisions really don't understand this stuff -- instead, they seem only too happy to be wined/dined/golf-gamed into deploying something that any reasonably competent security expert would recognise as, let us say, sub-optimal.
Ah, yes? How do you think barely functional trash like Windows/o365 and utter crap like Crowdstrike became so big? Also, still zero liability for the vendors, regardless of how extremely they screw up. What do you expect in that situation?
Re: (Score:2)
The "no-liability" stuff goes way too far. Why do parking garages have zero liability for physical security, the upkeep of the lot, or if the building breaks and something falls on my car?
Re: (Score:2)
An embedded dev once told me he does not need authentication, they have SSL. I said, "ah, cool, mTLS". He looked at me funny... there were no client certs....
Counterintelligence (Score:2)
There are many reasons they'd want this access, but I think a big one is figuring out which Chinese expats are collaborating with US intelligence.
How were they found? How did they get in? (Score:2)
And how did they stay hidden? This needs to be shared.
No one saw this coming (Score:4, Insightful)
You have such a nice spying system there (Score:3)
Tell me why other countries should not try to spy on it.
Funny that (Score:3)
Soo, wiretapping systems are so badly secured that they can be hacked from around the globe? Maybe it is a _really_ bad idea having these systems?
Wiretap from the Internet? WTF? (Score:1)
Backdoored the backdoor (Score:3)
The US insists on putting backdoors in everything - and then lets itself get hacked. Talk about arrogantly getting everything wrong all the time..
Wiretap systems hacked (Score:2)