Homeland Security & US Bureaucrats TOTAL FAIL

Last week, the Chinese hacking and spying operation known as “Salt Typhoon” was revealed to have targeted former president Donald Trump and his running mate, Sen. JD Vance of Ohio, as well as staffers for Vice President Kamala Harris’s campaign and for Congress. The Post has reported that the hackers were able to collect audio and text messages from their targets in a wide-ranging espionage operation, which likely began several months ago.

But what is less well understood, according to six current and former senior U.S. officials I spoke with from both parties, all of whom were briefed by the U.S. intelligence community on the operation, is that the threat is much broader. The Chinese hackers, who the United States believes are linked to Beijing’s Ministry of State Security, have burrowed inside the private wiretapping and surveillance system that American telecom companies built for the exclusive use of U.S. federal law enforcement agencies, and the U.S. government believes they likely continue to have access to the system. Millions of mobile-phone users on the networks of at least three major U.S. carriers could thus be ongoingly vulnerable to Chinese government surveillance.

The U.S. government and the telecom companies that are dealing with the breach have said very little publicly about it since it was first detected in August, leaving the public to rely on details trickling out through leaks. If millions of Americans are vulnerable to Chinese surveillance, they have a right to know now. More information needs to be shared, despite the sensitivity of the issue, the close timing to the election and what remains unknown.

The officials I spoke with, most of whom were not allowed to speak on the record because the hack is being investigated by an interagency team, described a scramble inside the U.S. government to respond to the breach. Several officials told me that targets identified by the intelligence community also include senior U.S. government officials and top business leaders.

“It is much more serious and much worse than even what you all presume at this point,” Senate Intelligence Committee Chairman Mark R. Warner (D-Virginia) said. “It is one of the most serious breaches in my time on the Intelligence Committee.”

The so-called lawful-access system breached by the Salt Typhoon hackers was established by telecom carriers after the terrorist attacks of Sept. 11, 2001, to allow federal law enforcement officials to execute legal warrants for records of Americans’ phone activity or to wiretap them in real time, depending on the warrant. Many of these cases are authorized under the Foreign Intelligence Surveillance Act (FISA), which is used to investigate foreign spying that involves contact with U.S. citizens. The system is also used for legal wiretaps related to domestic crimes.

It is unknown whether hackers were able to access records about classified wiretapping operations, which could compromise federal criminal investigations and U.S. intelligence operations around the world, multiple officials told me. But they confirmed the previous reporting that hackers were able to both listen in on phone calls and monitor text messages.

The officials said the number of compromised targets identified in the investigation is growing. Multiple officials briefed by the investigators told me the U.S. government does not know how many people were targeted, how many were actively surveilled, how long the Chinese hackers have been in the system, or how to get them out.

“Right now, China has the ability to listen to any phone call in the United States, whether you are the president or a regular Joe, it makes no difference,” one of the hack victims briefed by the FBI told me. “This has compromised the entire telecommunications infrastructure of this country.”

The Wall Street Journal first reported on Oct. 5 that China-based hackers had penetrated the networks of U.S. telecom providers and might have penetrated the system that telecom companies operate to allow lawful access to wiretapping capabilities by federal agencies. On Oct. 10, the leaders of the House Select Committee on the Chinese Communist Party sent a letter to the chief executives of Verizon, AT&T and Lumen Technologies asking them when they detected the attack and what they were doing about it.

Rep. Raja Krishnamoorthi (Illinois), the ranking Democrat on the committee, told me during an interview that Congress and the federal government spent years working to keep Chinese technology out of the U.S. telecom system for fear Beijing might use it to spy on Americans. Now, Chinese intelligence might have outmaneuvered them by breaking in through the back door, he said.

There’s no evidence yet that Beijing plans to use any information collected to interfere in U.S. politics or Tuesday’s presidential election, though it remains a concern, Krishnamoorthi told me. But short of that, Beijing could still use these operations to hurt the United States in several ways, he said. The Chinese government could use its infiltration of U.S. telecom networks to disable them during warfare, for instance. The information collected from Americans could be used for blackmail or disinformation campaigns.

“Not only are they potentially inserting malware to disrupt our telecommunications networks. On top of that, it’s a surveillance system,” the congressman told me.

Krishnamoorthi said he believes the companies have a moral and perhaps a legal obligation to inform their customers about a breach of this nature. Americans can only change their practices — by relying more on encrypted apps, for instance — if they are aware of the threat, he said.

“How long have [the hackers] been doing this? What are we doing to combat it? What is the price to pay for them doing that? … I haven’t received any definitive answers,” he said. “We want people to know and then to be able to take countermeasures to protect themselves.”

A Verizon spokesperson told me the company was working with federal law enforcement “to confirm, assess and remediate any potential impact” of the reported breach. Lumen declined to comment, and AT&T did not respond to a request for comment.

The White House has also said nothing about the breach. The National Security Council declined to comment, and the FBI did not respond to a request for comment. On Oct. 25, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released a brief statement stating that the U.S. government was investigating “unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.”

That same day, the FBI notified 40 victims of Salt Typhoon, according to multiple officials. The FBI informed one person who had been compromised that the initial group of identified targets included six affiliated with the Trump campaign, this person said, and that the hackers had been monitoring them as recently as last week. According to that individual, Trump, Vance, Eric Trump, Jared Kushner and two other Trump campaign advisers were told they had been surveilled.

“They had live audio from the president, from JD, from Jared,” the person told me. “There were no device compromises, these were all real-time interceptions.”

Vance publicly confirmed that his and Trump’s phones were “hacked by Chinese hackers” during his interview with podcaster Joe Rogan released on Thursday. “They only got some offensive memes and me telling my wife to buy more milk at the grocery store,” he said. “They couldn’t get my encrypted messages; I use Signal and iMessage.”

Vance was correct to say that encrypted apps and iMessage are not affected by the hack, so long as they are used over WiFi rather than over cellular networks. But Vance’s confidence that Chinese hackers did not gain useful material could be unfounded, because the duration of the surveillance is believed to date back to last year.

Vance told Rogan the Chinese hackers cracked a “backdoor telecom infrastructure that was developed in the wake of the Patriot Act.” Many in the MAGA wing of the Republican Party have long criticized the federal government’s use of post-9/11 legal authority to surveil Americans. The use and alleged abuse of FISA warrants to surveil Trump campaign members were the basis of Trump’s (incorrect) claim that President Barack Obama spied on him in 2016.

Though the Chinese hack is not connected to that directly, Republicans are sure to point to this breach to reopen the debate over the safety and management of the FISA system. The Trump campaign is already blaming the Biden administration for the breach. “Kamala Harris and Democrats have continued to engage in election interference and will stop at nothing, including emboldening China and Iran attacking critical American infrastructure, to prevent President Trump from returning to the White House,” Trump campaign communications director Steven Cheung told me.

The Harris campaign declined to comment. Sources in both camps tell me that top officials have been warned about the vulnerability and are adjusting their communications practices in response.

Chinese hacking and spying operations are hardly new. For example, since 2021, the U.S. government has been tracking a separate Chinese operation known as Volt Typhoon, which sought to embed itself in critical infrastructure within U.S. manufacturing, construction and information technology. But telecom infrastructure in the United States was considered more secure, until now.

“Chinese intelligence is targeting critical nodes that make our entire system vulnerable and give them unprecedented ability to target individual Americans,” Peter Mattis, a former counterintelligence official and president of the Jamestown Foundation, a Washington think tank, told me. “Breaches like this showcase their world-class sophistication and the necessity of taking Chinese intelligence seriously.”

Based on what is already known, this breach represents a major failure of the telecom companies and the U.S. government to protect critical infrastructure, as is their joint responsibility. But the blame game can wait. Right now, the American people need to know more about the ongoing threat to their privacy. And the Chinese government needs to pay a cost, or Beijing will conclude there is no risk in continuing to surveil Americans’ private communications.

Hat Tip Washington Post