FBI Reports U.S. Telecom Networks Compromised by Chinese State Hackers

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have announced that Chinese state-sponsored hackers breached U.S. telecommunications infrastructure, posing a significant threat to national security.

The agencies reported that this unauthorized access affects critical communications systems nationwide, raising concerns about potential data exposure and disruptions to essential services. In response, a multi-agency investigation is underway, with the FBI and CISA collaborating closely with affected companies to secure their networks.

The breach was first identified by the FBI, which, along with CISA, notified impacted telecom providers and offered technical support to contain the threat. Both agencies have since intensified efforts across the telecom sector, urging organizations to strengthen their cybersecurity defenses.

The FBI and CISA are encouraging any companies suspecting unauthorized access to report incidents to their local FBI field office or CISA. While specific telecom companies affected were not named, the breach has highlighted the vulnerability of critical national infrastructure, drawing attention to cybersecurity practices in the telecommunications sector.

Related Threats Reported in Canada
The Canadian Centre for Cyber Security, part of the Communications Security Establishment (CSE), issued an advisory on reconnaissance scans targeting Canadian government and critical infrastructure sectors. Although these scans are not full breaches, they are often seen as potential precursors to more intrusive attacks.

Attributed to Chinese state-sponsored actors, these scans have targeted a range of organizations, including government departments, democratic institutions, and critical infrastructure, throughout 2024. The Canadian advisory emphasized the need to strengthen defenses against this ongoing reconnaissance, advising proactive steps like rapid patching, multi-factor authentication, and enhanced logging to detect unusual network activity early.

Possible Connections to Prior U.S. Telecom Breaches
This announcement follows a series of cybersecurity incidents attributed to Chinese state actors targeting North American telecommunications. Earlier this month, hackers linked to a Chinese group known as “Salt Typhoon” reportedly accessed networks of major U.S. broadband providers, potentially compromising systems associated with lawful surveillance. Affected firms included major U.S. telecom companies like AT&T, Verizon, and Lumen Technologies, which manage communications for both government and civilian sectors.

Although it's unclear if this recent breach is directly connected to the FBI and CISA disclosures, both cases share a focus on critical communications infrastructure and the possible interception of sensitive data. Salt Typhoon, active since 2020, specializes in intelligence gathering and espionage, often targeting network traffic in North America and Southeast Asia.