China’s Digital Typhoon: The Rise of Cyber Attacks Against the US
Abigail Darwish | 17 December 2024
Summary
Since spring, a Chinese hacking campaign, Salt Typhoon, has extensively targeted US telecommunication companies and internet service providers.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) recently advised increased security against the threat, which is ongoing and has not yet been dismantled.
Multiple Chinese government-linked cyber campaigns against the US have occurred this year.
A Chinese hacking campaign is believed to have compromised the private mobile data of over one million Americans, with targets including a top White House Homeland Security Advisor and president-elect Donald Trump, amongst others. In response, on December 3, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) urged telecommunication companies to take immediate measures to bolster network security against cyber threats.
This warning follows months of unsuccessful efforts by US officials, who were aware of the breach, to expel the Chinese government-affiliated hacking groups from telecommunication companies and internet service providers. The ongoing cyberespionage campaign, dubbed Salt Typhoon, was first publicly announced in October. Dozens of telecom companies, in the US and globally, were targeted in order to gain access to data of US political leaders, including Trump and J.D. Vance, as well as national security data. However, this operation is part of a longer campaign first detected six months ago. Since then, the hacking group has also leveraged its access to US telecom networks to target the metadata of swaths of American customers, including information on call and text timestamps, as well as recipient information.
In tandem with this, several other large-scale Chinese hacking operations have been uncovered this year. In September, for instance, the FBI revealed that it had disrupted a cyber campaign, ‘Flax Typhoon’, which involved the deployment of malicious software on over 200,000 consumer devices, including cameras and routers. These compromised devices were then used to form a vast botnet, enabling the hacking operation to conduct further cybercrimes.
However, the US’ struggle to effectively counter the expansive Salt Typhoon campaign has raised significant domestic concerns. The chairman of the Senate Intelligence Committee, Mark Warner (D-VA), recently described it as “the worst telecom hack in our nation’s history - by far.” The US has also faced international criticism. On December 3, the Chinese Embassy in Washington DC dismissed these allegations of cyberespionage as “disinformation.” The spokesperson, Liu Pengyu, further stated that China’s government “opposes and combats all kinds of cyber attacks” and advised that the US “needs to stop its own cyberattacks against other countries” and accordingly “refrain” from using cyber security concerns to “smear and slander” China.
Forecast
Short-term
It is very likely that the recent attacks will exacerbate already strained US-China relations, particularly as trade tensions between the two nations continue to escalate this month.
It is highly likely that this campaign will entrench the divide between Western and non-Western hostile actors in the sphere of cybersecurity. The recent NATO Cyber Defence Conference, which urged greater security against malicious Russian campaigns, is a testament to this.
Long-term
It is very likely that these cyberattacks will persist amidst deteriorating US-China relations, and more generally between the West and its adversaries such as China and Russia. As cyberattacks continue to be leveraged as a tool of cyberwarfare, they are expected to play a more central role in an increasingly hostile geopolitical climate.