SoylentNews is people

posted by hubie on Wednesday November 20, @09:41AM
from the salt-typhoon dept.

'We are deeply alarmed [the Department of Homeland Security] has not publicly disclosed when this investigation will begin,' the senators stated in a letter:

A bipartisan group of senators has urged a federal review board to immediately begin an investigation into a Chinese hacking group's attacks against the United States, according to a recent letter sent to Robert Silvers, undersecretary for policy at the Department of Homeland Security (DHS).

Led by Sen. Eric Schmitt (R-Mo.), the senators wrote in a letter dated Nov. 14 that the independent Cyber Safety Review Board (CSRB) had announced in late October that it would initiate a review "at the appropriate time," a DHS spokesman confirmed in a statement to the Wall Street Journal, following media reports that Salt Typhoon, a Chinese state-sponsored threat group, had breached several U.S. telecommunications companies.

[...] The senators noted that the CSRB's announcement "is a good first step." The CSRB, established by the DHS in 2022, consists of federal officials and private-sector cybersecurity experts.

"We are deeply alarmed DHS has not publicly disclosed when this investigation will begin," the senators wrote. "While details of the attack are still being revealed, the scope of this attack is historic in nature and the hacking technique used by Salt Typhoon holds countless senior U.S. officials and millions of U.S. citizens at risk.

"With all due speed and urgency, the CSRB should begin investigating how this happened immediately."

Previously: U.S. Wiretap Systems Targeted in China-Linked Hack


Related Stories

U.S. Wiretap Systems Targeted in China-Linked Hack

From Schneier's Blog

A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

https://www.schneier.com/blog/archives/2024/10/china-possibly-hacking-us-lawful-access-backdoor.html

It's a weird story. The first line of the article is: "A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers." This implies that the attack wasn't against the broadband providers directly, but against one of the intermediary companies that sit between the government CALEA requests and the broadband providers.

For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the "wrong" eavesdroppers.

Pluralistic: China hacked Verizon, AT&T and Lumen using the FBI's backdoor (07 Oct 2024) – Pluralistic: Daily links from Cory Doctorow:

State-affiliated Chinese hackers penetrated AT&T, Verizon, Lumen and others; they entered their networks and spent months intercepting US traffic – from individuals, firms, government officials, etc – and they did it all without having to exploit any code vulnerabilities. Instead, they used the back door that the FBI requires every carrier to furnish:

https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=C5ywbp&reflink=desktopwebshare_permalink

In 1994, Bill Clinton signed CALEA into law. The Communications Assistance for Law Enforcement Act requires every US telecommunications network to be designed around facilitating access to law-enforcement wiretaps. Prior to CALEA, telecoms operators were often at pains to design their networks to resist infiltration and interception. Even if a telco didn't go that far, they were at the very least indifferent to the needs of law enforcement, and attuned instead to building efficient, robust networks.

Predictably, CALEA met stiff opposition from powerful telecoms companies as it worked its way through Congress, but the Clinton administration bought them off with hundreds of millions of dollars in subsidies to acquire wiretap-facilitation technologies. Immediately, a new industry sprang into being; companies that promised to help the carriers hack themselves, punching back doors into their networks. The pioneers of this dirty business were overwhelmingly founded by ex-Israeli signals intelligence personnel, though they often poached senior American military and intelligence officials to serve as the face of their operations and liaise with their former colleagues in law enforcement and intelligence.

Telcos weren't the only opponents of CALEA, of course. Security experts – those who weren't hoping to cash in on government pork, anyways – warned that there was no way to make a back door that was only useful to the "good guys" but would keep the "bad guys" out.

These experts were – then as now – dismissed as neurotic worriers who simultaneously failed to understand the need to facilitate mass surveillance in order to keep the nation safe, and who lacked appropriate faith in American ingenuity. If we can put a man on the moon, surely we can build a security system that selectively fails when a cop needs it to, but stands up to every crook, bully, corporate snoop and foreign government. In other words: "We have faith in you! NERD HARDER!"

Chinese Salt Typhoon Hackers 1st Spotted on Federal Networks Under Another Name

With the help of tipsters, the cybersecurity agency was able to 'connect the dots' to crack what has been called one of the worst telecom hacks in US history:

Chinese state-backed cyber espionage group Salt Typhoon, which has been in the news for its breach of U.S. telecom firms, was first discovered on the federal network using a different name, according to Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA).

"We saw it as a separate campaign called another goofy cyber name. And we were able to—based on the visibility that we had within the federal networks—to be able to connect some dots," she said during a discussion at the Foundation for Defense of Democracies on Jan. 15.

[...] The earlier identification under a different name enabled officials to connect the dots with the help of tipsters from the private sector, which Easterly said ultimately "led to kind of cracking open the larger Salt Typhoon piece."

[...] On Jan. 17, the U.S. Treasury Department announced it was sanctioning Chinese cybersecurity company Sichuan Juxinhe Network Technology Co. for "direct involvement in the Salt Typhoon cyber group."

"Chinese state-backed cyber actors continue to present some of the greatest and most persistent threats to U.S. national security," the Treasury Department said.

The Treasury Department also sanctioned Shanghai-based hacker Yin Kecheng, who was allegedly behind a major breach of the department's network in early December. The cyber actor is affiliated with China's Ministry of State Security, the department said.

  • (Score: 2) by VLM on Wednesday November 20, @12:46PM (1 child)

    DHS has not publicly disclosed when this investigation will begin

    Probably a false flag. Or it's one of those groups that's 51+% feds.

    • (Score: 2) by DannyB on Wednesday November 20, @04:21PM

      Or maybe that's what they want you to think?

      Or maybe they don't want the hacking group to know when or if there will actually be an investigation.

      --
      Satin worshipers are obsessed with high thread counts because they have so many daemons.
  • (Score: 2) by Frosty Piss on Wednesday November 20, @03:33PM (1 child)

    Is this one of Musk's new departments?

    • (Score: 3, Funny) by DannyB on Wednesday November 20, @04:25PM

      That's a bad choice. If Mike Lindell can be in charge of election security, then he should also be in charge of "the cyber".

      <no-sarcasm>
      I seriously believe that Lindell is equally qualified for both jobs. Yes, really, I do. For real.
      </no-sarcasm>

      --
      Satin worshipers are obsessed with high thread counts because they have so many daemons.