Posted on 10/07/2024 8:22:44 PM PDT by SeekAndFind
Using a security loophole that allows the US government access to anybody's electronic traffic, Chinese hackers gained access to an unknown quantity (perhaps all) of internet traffic on American networks. In an exclusive report in Saturday's Wall Street Journal the secret breach was revealed.
Good thread too:
Manufacturers of networking and phone gear must follow specific standards for 'lawful interception' in different jurisdictions (e.g. CALEA & ETSI's standards)
But as we learn time & time again, the scope of potential access & harm almost never matched by efforts to detect & block malicious use.
https://t.co/jKREtYTBuh — Matt Johansen (@mattjay) October 5, 2024
The attack SOUNDS like the hackers could potentially have access to everything that crosses certain networks by using backdoor access that the US government mandates to permit wiretapping when authorized by a warrant. In other words, there is a built-in insecurity to the networking systems in order to allow government officials to tap your data. The Chinese got access to the backdoor.
A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.
For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk. The attackers also had access to other tranches of more generic internet traffic, they said.
Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.
The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said.
The wording here is a little vague, and I think intentionally so, about whether the Chinese had access ONLY to data that the US government was wiretapping. That seems impossible, given that the access to wiretapping abilities is not limited to splicing wires or something like that. It is a function of software, and that software was hacked. In this case the Chinese could access whatever they chose. No doubt that didn't include everything, since there would be no way to store and make sense of it all, but as with our own government they could target whomever they wanted using the security hole built into the system.
The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn’t be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach.
The attack and its significance was discovered in recent weeks and remains under active investigation by the U.S. government and private-sector security analysts. Investigators are still working to confirm the breadth of the attack and the degree to which the actors observed data and exfiltrated some of it, the people said.
The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said.
A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome.
Again, with the weasel words. To me, this sounds catastrophic for anybody targeted. The Chinese had access to anything from anybody they targeted across these networks. Think of all the sensitive data YOU send over the internet, such as financial information, and multiply that a millionfold for the companies and government.
There's constant pressure from governments to bake-in systems for access.
Failure to comply with those demands is met with big sanctions. Just look at Durov.
Yet I predict that there will be zero meaningful accountability over this breach. https://t.co/TkgEP3xvYS — John Scott-Railton (@jsrailton) October 5, 2024
I say weasel words because, if I am reading between the lines, basically everything that travels over the internet (presumably the most sensitive government information uses a closed system, although I don't know that at all) was wide open to the Chinese. Wide open.
“It will take time to unravel how bad this is, but in the meantime it’s the most significant in a long string of wake-up calls that show how the PRC has stepped up their cyber game,” said Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, referring to the People’s Republic of China. “If companies and governments weren’t taking this seriously before, they absolutely need to now.”
Salt Typhoon has been active since 2020 and is a nation-state hacking group based out of China that focuses on espionage and data theft, particularly capturing network traffic, Microsoft said in a research note written in August. “Most of Salt Typhoon’s targets are based in North America or Southeast Asia,” Microsoft said, noting that other cybersecurity companies call the group GhostEmperor and FamousSparrow.
Could any of the recent outages in service, particularly on Verizon, be related to this attack? I do not know, but if so it wouldn't necessarily have to be a direct result of a cyberattack to disrupt the system. It might be possible that efforts to update the security of routers and other equipment might be related. That is just speculation on my part, though.
Who watches the watchers? Turns out China does.
My summary: U.S. spying on its citizens and China taking advantage of that backdoor for months before anyone realizing.
Why it matters: The intrusion could give Chinese intelligence access to court-authorized wiretap requests and vast amounts of internet traffic, undermining U.S. law enforcement and intelligence operations.
https://t.co/iK65hu7PC8 — Matt Johansen (@mattjay) October 5, 2024
It seems to me that the story downplays how significant this attack was. It sounds catastrophic to me, and it was directly caused by government mandates to require a security loophole.
Mandates so strict that the French arrested the CEO of Telegram, Pavel Durov, to enforce their demand for access to his platform. No doubt the US pushed for this as well as the French.
Spies used to risk their lives or imprisonment in order to get blurry photos of classified information. From half a world away, the Chinese got access to almost everything for months...or longer.
This should be one of the biggest stories right now, not Kamala Harris' appearing on a sex podcast and Howard Stern.
Our leaders are not serious people.
Why is this not an act of war?
“Our leaders are not serious people.”
Absolute truff.
[I think Trump is series, along with Musk. Not many others though. :-(]
Because of Brain Dead and Kackles.
Protecting children from terrorists is what communism is all about but now that the feds have granted themselves access to every bit of information about us well that was not enough so they need to record and store that information so that it can be used against us later.
You wanna know why microsoft needs a nuclear power plant to be brought on line for their data centers? It is to collect and store all that information about us.
That is the big secret in this story.
Because Democrats are Marxists and GOP are Quisling traitors.
Don't EVEN try to tell me that no one ever warned that this might would happen...
thanks again bush.
I think they need all the power to run AI.
Storage and collection is easy.
AI is brute force... and that takes a lot of power. Lots of calculations... brute force.
Ha Ha!
Because the Walz WANTS to lick chinese boots. He is gay for chinamen.
finnigan, for the love of God start thinking outside the box. It sounds to me as if the Chinese had some inside help exploiting that "security loophole." But I'm sure this article, and others to follow, would rather Americans like you believe this event was about a "computer hack" rather than sabotage. And remember, I'm here to help you.
IF THERE IS A MASSIVE LAW SUIT AGAINST MICROSOFT...I SOOOOOO WANT TO BE A PART OF IT.
I USED TO ENJOY GOING ON COMPUTER FOR INFORMATION, BUT SINCE I GOT THIS BIG MAHAFEE ...NEW COMPUTER...I DON’T HAVE CONTROL, NOR CHOICE OF THE “NET”.
I COULD EASILY SAY.....GOODBYE TO COMPUTER WORLD FOREVER.
The sheer blackmail potential explains a lot about how the elite behave.
Every email, text, and call has been compromised by Biden/Harris incompetence.
You might consider switching your computer to Linux.
The Deep State (aka USA government) is afraid of the people. This is good. They should be afraid.
The skullduggery committed by these depraved, filthy evil, power crazed globohomo’s in Washington, London, Paris, and Brussels (along with the junior lickspittle partners in Ottawa, Canberra and Wellington) are finally coming to an end, and they WILL be held accountable.
Severe pain and punishment is coming and the entire world is going to feel it.
“....backdoor access that the US government mandates to permit wiretapping when authorized by a warrant.”
~~~
Riiiiiighhtttt. “Warrant”
Suuuurrreee.
If the chinese hackers had unfettered access to our internet spying apparatus without anything restricting them like pesky little “warrants”, then anyone in the deep-state had access to our internet spying apparatus.
Not being that computer savvy, I shall look into it.
I was told there is only Microsoft and Apple.
Some choice.