Chinese hackers attack major Internet providers in the United States

A group of hackers linked to China made a cyber attack which affected some of the major Internet service providers in USA .

The operation could have allowed them access information from systems the federal government uses for wiretap requests authorized by the courts.

This is what they assured Wall Street Journal people familiar with the matter, who pointed out that the hackers could have had access to the network infrastructure used to cooperate with legal requests communications data from the North American country.

From what they said, it is presumed that the perpetrators of the cyberattack They are linked specifically to the Chinese government .

Likewise, they said officials also had access to other sections of Internet traffic more generic.

A computer operation with these characteristics may pose risks to national security they warned.

They also specified that, among the companies concerned, there are some like Verizon Communications, AT&T and Lumen Technologies .

It is believed that those responsible for the alleged operation they could have been infiltrated in these networks for months or even more.

The sources consulted by the Newspaper they declared that The cyberattack was carried out by a Chinese hacker group known as Salt Typhoon, which is accused of being linked to the Asian country’s government. .

Likewise, people with knowledge of the matter said the computer’s operation appeared to be oriented towards the collection of intelligence information .

When the American newspaper consulted the Spokespeople for Verizon, AT&T and Lumen declined to comment on Salt Typhoon. and this alleged cyberattack.

Although companies are generally required to disclose the detection of major cyber attacks, There are certain cases in which federal authorities may grant you an exemption for national security reasons. .

At the same time, American federal law considers that Telecommunications and Internet companies must allow authorities to intercept electronic information, if ordered by a court. who asks for it.

People who spoke to him Newspaper They said the cyber attack It was discovered about a month ago and remains under investigation. both by the U.S. government and private sector cybersecurity analysts.

Specialists presume, according to sources, that hackers appear to have collected internet traffic data from providers of this service .

This includes customers such as businesses of various sizes and millions of individuals in the United States.

Other findings suggest that the cyberattack This also affected a limited number of service providers outside the North American country. .

From the United States they also investigated alleged efforts by Chinese intelligence services to penetrate critical infrastructure networks .

Within this classification, they are considered facilities such as power plants, water treatment systems, airports, gas and oil pipelines .

According to the aforementioned media, senior US officials presume that This could be used by Chinese hackers to interrupt their ability to react to an episode of international crisis. .

A situation like this, For example, it could be a possible direct attack on Taiwan. by the People’s Republic of China (PRC).

It is worth recalling that President Joe Biden stated that The United States would provide support in the event of an invasion .

For his part, The PRC, chaired by Xi Jinping, considers Taiwan part of its territory and has intensified its military exercises of its forces in the South China Sea.

Previously, In late September, it was reported that Salt Typhoon had broken into some Internet service providers in the United States, with the aim of accessing confidential information. .

According to what they declared to the Newspaper at the time of sources with knowledge of the file, An investigation was conducted into whether Chinese hackers had access to Cisco Systems routers. .

A representative of the company assured at that time that they were carrying out the assessments. to identify imminent risks.

However, highlighted on September 26: “At this time, there is no indication that Cisco routers are involved (in Salt Typhoon activities).

The same spokesperson was consulted by the aforementioned newspaper in October, but did not immediately respond to request for comment .

It is stated that Microsoft investigates new Operation Salt Typhoon with other cybersecurity companies in order to know in more detail what confidential information they were able to access.

The vice president of cybersecurity company SentinelOne, Brandon Wales, explained that “it will take time to understand how serious this is, but in the meantime, it the most important in a long series of warning signs showing how the PRC has stepped up its cyber game “.

“If businesses and governments didn’t take this seriously before, they definitely need to now” he added to Newspaper He is also the former executive director of the Cybersecurity and Infrastructure Security Agency.

They assure that Salt Typhoon has been operational since 2020 and its activities focus on espionage, data theft and network traffic capture primarily in North America and Southeast Asia, Microsoft said.

Other companies also called GhostEmperor and FamousSparrow .

Faced with accusations from various Western governments and technology companies, China has denied using hacking to break into public or private networks abroad. .

The spokesperson for its embassy in Washington, Liu Pengyu, said in a statement: “China firmly opposes and combats cyber attacks and cyber theft in all its forms” .

Also in SeptemberHe accused U.S. spy agencies and cybersecurity companies of “covertly collaborating to gather false evidence.” against the PRC government.