
SoylentNews is people

posted by hubie on Thursday November 21, @12:14AM
from the phoning-it-in dept.

T-Mobile's network was among the systems hacked in a damaging Chinese cyber-espionage operation that gained entry into multiple US and international telecommunications companies, The Wall Street Journal reported on Friday citing people familiar with the matter:

Hackers linked to a Chinese intelligence agency were able to breach T-Mobile as part of a monthslong campaign to spy on the cellphone communications of high-value intelligence targets, the Journal added, without saying when the attack took place.

[...] It was unclear what information, if any, was taken about T-Mobile customers' calls and communications records, according to the WSJ report.

[...] On Wednesday, The Federal Bureau of Investigation (FBI) and the US cyber watchdog agency CISA said China-linked hackers have intercepted surveillance data intended for American law enforcement agencies after breaking into an unspecified number of telecom companies.

Earlier in October, the Journal reported that Chinese hackers accessed the networks of US broadband providers, including Verizon Communications, AT&T and Lumen Technologies and obtained information from systems the federal government uses for court-authorized wiretapping.

Previously: U.S. Wiretap Systems Targeted in China-Linked Hack



Related Stories

U.S. Wiretap Systems Targeted in China-Linked Hack 24 comments


From Schneier's Blog

A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

https://www.schneier.com/blog/archives/2024/10/china-possibly-hacking-us-lawful-access-backdoor.html

It's a weird story. The first line of the article is: "A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers." This implies that the attack wasn't against the broadband providers directly, but against one of the intermediary companies that sit between the government CALEA requests and the broadband providers.

For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the "wrong" eavesdroppers.

Pluralistic: China Hacked Verizon, AT&T and Lumen Using the FBI's Backdoor (07 Oct 2024) – Pluralist

Pluralistic: China hacked Verizon, AT&T and Lumen using the FBI's backdoor (07 Oct 2024) – Pluralistic: Daily links from Cory Doctorow:

China hacked Verizon, AT&T and Lumen using the FBI's backdoor

State-affiliated Chinese hackers penetrated AT&T, Verizon, Lumen and others; they entered their networks and spent months intercepting US traffic – from individuals, firms, government officials, etc – and they did it all without having to exploit any code vulnerabilities. Instead, they used the back door that the FBI requires every carrier to furnish:

https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=C5ywbp&reflink=desktopwebshare_permalink

In 1994, Bill Clinton signed CALEA into law. The Communications Assistance for Law Enforcement Act requires every US telecommunications network to be designed around facilitating access to law-enforcement wiretaps. Prior to CALEA, telecoms operators were often at pains to design their networks to resist infiltration and interception. Even if a telco didn't go that far, they were at the very least indifferent to the needs of law enforcement, and attuned instead to building efficient, robust networks.

Predictably, CALEA met stiff opposition from powerful telecoms companies as it worked its way through Congress, but the Clinton administration bought them off with hundreds of millions of dollars in subsidies to acquire wiretap-facilitation technologies. Immediately, a new industry sprang into being; companies that promised to help the carriers hack themselves, punching back doors into their networks. The pioneers of this dirty business were overwhelmingly founded by ex-Israeli signals intelligence personnel, though they often poached senior American military and intelligence officials to serve as the face of their operations and liaise with their former colleagues in law enforcement and intelligence.

Telcos weren't the only opponents of CALEA, of course. Security experts – those who weren't hoping to cash in on government pork, anyways – warned that there was no way to make a back door that was only useful to the "good guys" but would keep the "bad guys" out.

These experts were – then as now – dismissed as neurotic worriers who simultaneously failed to understand the need to facilitate mass surveillance in order to keep the nation safe, and who lacked appropriate faith in American ingenuity. If we can put a man on the moon, surely we can build a security system that selectively fails when a cop needs it to, but stands up to every crook, bully, corporate snoop and foreign government. In other words: "We have faith in you! NERD HARDER!"

This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
  • (Score: 4, Interesting) by Barenflimski on Thursday November 21, @01:18AM (2 children)


    That's fairly impressive they were able to get into the snooping systems.

    That stuff is locked down in so many ways, it's a big question. How did they get access to this stuff? Very few people have credentials. Getting access to those networks is no small feat. Maybe a few 0-days into Windows along with the firewalls? Inside job? Phished some extremely high level credentials? Found a service account they could change?

    What will be even more interesting to know is how long they've been in and able to monitor these systems. My guess is they've been in awhile and got caught expanding their footprint. Someone in the Chinese spy agency is going to be pissed.

    • (Score: 5, Interesting) by Mykl on Thursday November 21, @03:16AM


      But are these systems really locked down as hard as they say they are?

      After 9/11 there was a shift to ensure that information could be shared between agencies much more easily and widely - I assume that this was the case between agencies and industry too.

      I for one am totally unsurprised that the systems the government uses to spy on their citizens are now being used to spy on their citizens.

    • (Score: 0) by Anonymous Coward on Thursday November 21, @03:58AM


      Usually it is a human getting fooled.

  • (Score: 2, Insightful) by dwilson98052 on Thursday November 21, @01:23AM (9 children)


    CUT them off from the rest of the internet for a few days as punishment for behaving badly.

    Poison their routes, jam their signals, and demand that all allies do the same.

    They'll stop.

    • (Score: 2) by Tork on Thursday November 21, @01:23AM (2 children)

      Is that even possible?
      --
      🏳️‍🌈 Proud Ally 🏳️‍🌈
      • (Score: 2) by dwilson98052 on Thursday November 21, @10:58PM (1 child)


        Absolutely.

        Do a search for BGP poisoning... it's really quite easy to do since most of the internet is simply built on trust.

        • (Score: 2) by Tork on Thursday November 21, @11:11PM

          For what it's worth I don't actually know any better than that, I'm just surprised we haven't seen it happen by now. I always assumed that was due to the internet's architecture making it damned difficult to boot a whole country out.
          --
          🏳️‍🌈 Proud Ally 🏳️‍🌈
    • (Score: 4, Insightful) by gawdonblue on Thursday November 21, @07:08AM


      Excellent idea.

      And do the same to every other country that intrudes on another's network.

      It will be good to get rid of Facebook and friends.

    • (Score: 2) by Freeman on Thursday November 21, @02:30PM (4 children)


      Please stop encouraging another Cold War.

      --
      Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
      • (Score: 2) by RedGreen on Thursday November 21, @05:03PM (2 children)


        "Please stop encouraging another Cold War."

        There is nothing cold about it, the Chinese are engaged in a hot war with us right now. Through their support of the war in Europe by Russia and now for the second time a cargo ship from there is involved in an act of war by cutting the internet cables in the Baltic Sea added onto the pipeline they did a few months ago, another act of war. Add in the 24/7 hacking of critical systems and all out economic war to destroy anything but Chinese businesses. They are flat out at it on all fronts and unless the spineless bastards we have for politicians get at doing something to defend us we have not got a hope in hell of winning any of it.

        --
        "I modded down, down, down, and the flames went higher." -- Sven Olsen
        • (Score: 3, Insightful) by Freeman on Thursday November 21, @05:25PM


          Mea Culpa.

          Dear Warmongers,

          Stop encouraging World War III.

          Thanks,
          Most people who don't want to die in a giant ball of fire.

          P.S.
          https://youtu.be/VqhCQZaH4Vs

          --
          Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
        • (Score: 2) by corey on Thursday November 21, @10:25PM


          You're right, them and their puppet, NK are going all out, from the public articles and things I read.

          I believe they are more involved in Ukraine than we realise, including authorising/encouraging NK troops and armaments for the Ukraine invasion. I would love to be a fly in the wall in the NSA or the US geo intelligence agency (can't remember the acronym), they must be aware of the movements of things over the China/Russia/NK borders at night. But what to do, that's the question. Anyway there's a whole discussion there.

          I don't think cutting internet with China is going to do any good for anyone, there's a shitload of ecommerce comms from western businesses and retailers going there so that'll hurt us. But maybe we need to take some pain too.

          There's a long-term problem in China, that being demographics. As I understand, the 1-child policy is coming back to bite bigtime. An absolutely outsized part of their population is working age right now, which is great for their economic growth now, but in the next decade they are retiring. There's nowhere near enough younger people to replace them so their economy is predicted to (and starting to) tank. And young people don't want more than 1-2 kids. Usually, in the past, countries start importing immigrants and foreign workers to fill the gap, but China will need up to a couple of hundred million. And who wants to go work in China? Not many, that's the problem so that isn't a fix. Their only option is automation, but that's also pushing it. The USA had a soft landing after the baby boomers (and they didn't have a 1-child policy), and they're now sustainable demographically. Anyway, how that relates to your anger at China - yeah maybe we should do more but maybe the above will help you feel better. :)

      • (Score: 3, Funny) by dwilson98052 on Thursday November 21, @11:00PM


        Or..... stop letting bad people behave badly because you're scared of a little conflict.

        Spare the rod, spoil the child. Same applies to countries.

        Sometimes you need to stand up to bullies.

  • (Score: 3, Informative) by Tork on Thursday November 21, @01:23AM (2 children)

    Wanna know what's fun about being a T-Mobile customer today while reading about hacks like this? About a year ago T-Mobile said: "You can only get your Autopay discount if you use a debit card or T-Mobile Money™". Credit cards need no longer apply. So to save nearly 20% on my bill my auto-payment is coming from the same account my rent-check does.

    So... no more credit card perks AND if a hack wipes out my bank account (instead of my credit line... grrr) I get to have a lovely conversation with my spouse. It's been a couple of years since I wasn't filled with contempt over their "uncarrier" branding.
    --
    🏳️‍🌈 Proud Ally 🏳️‍🌈
    • (Score: 2) by Frosty Piss on Thursday November 21, @02:52AM (1 child)


      I have a number of "debit card" accounts. My paycheck and rent are in and out of one, everything else comes out of my trash account. ALWAYS separate your important stuff from the account you use online.

      • (Score: 2) by Tork on Thursday November 21, @03:01AM

        True, I need to do that. I just got really put-off by TMob excitedly trying to extort me into using T-Mobile Money.
        --
        🏳️‍🌈 Proud Ally 🏳️‍🌈
  • (Score: 1, Funny) by Anonymous Coward on Thursday November 21, @02:46AM


    Hacked is an awfully strong word to use against one of Orange Jesus's most trusted besties. Xi, or whatever his name is...
