SoylentNews

hubie [soylentnews.org] writes:

FBI and CISA officials said it was impossible to predict when the telecommunications companies would be fully safe from interlopers [nbcnews.com]:

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country's telecommunications systems free of interlopers. Officials had told NBC News that China hacked AT&T, Verizon and Lumen Technologies [nbcnews.com] to spy on customers.

A spokesperson for the Chinese Embassy in Washington did not immediately respond to a request for comment.

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China's intercepting their communications.

"Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible," Greene said.

The FBI official said, "People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant" multi-factor authentication for email, social media and collaboration tool accounts.

The scope of the telecom compromise is so significant, Greene said, that it was "impossible" for the agencies "to predict a time frame on when we'll have full eviction."

[...] The FBI and other federal law enforcement agencies have a complicated relationship with encryption technology, historically advocating against full end-to-end encryption that does not allow law enforcement access to digital material even with warrants. But the FBI has also supported [fbi.gov] forms of encryption that do allow some law enforcement access in certain circumstances.

[...] In a statement to NBC News, Ron Wyden, D-Ore, one of the Senate's fiercest privacy advocates, criticized America's reliance on CALEA as it leaves such sensitive information unencrypted.

"Whether it's AT&T, Verizon, or Microsoft and Google, when those companies are inevitably hacked, China and other adversaries can steal those communications," he said.

Original Submission