Security Stop Press : China-Backed Hackers Breach Telecoms Wiretap Systems

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

October 16, 2024

China-backed hackers have breached the wiretap systems of several major U.S. telecom and internet providers, exposing critical vulnerabilities and likely collecting vast amounts of internet traffic to gather intelligence on Americans.

These wiretap systems, required by the 1994 Communications Assistance for Law Enforcement Act (CALEA), grant authorised personnel (e.g. law enforcement agencies) almost unfettered access to user data, including internet traffic and browsing histories. However, these systems have long been viewed as security risks, with experts warning of their potential misuse. For example, Georgetown Law professor Matt Blaze called the breach “inevitable,” highlighting the inherent dangers of building backdoors meant for lawful purposes, which are prone to exploitation by malicious actors.

The Wall Street Journal recently reported that the hacking group, known as ‘Salt Typhoon’, breached at least three of the largest U.S. providers – AT&T, Lumen, and Verizon – to access these systems. While the full extent of the damage remains unclear, some US national security sources have described the breach as potentially catastrophic. The hackers are thought to be positioning for future cyberattacks, possibly as part of tensions between the U.S. and China over Taiwan. The breach has reignited debate over the risks of government-mandated backdoors, with experts like Stanford’s Riana Pfefferkorn pointing out that such systems “jeopardise” rather than protect users.

The revelations come amidst growing global concern over government backdoors and encryption, with other countries, including those in the EU, also considering legislation that could weaken digital security. Signal president Meredith Whittaker echoed warnings that “there’s no way to build a backdoor that only the ‘good guys’ can use,” underscoring the wider implications of the breach.

To guard against the risk of such attacks, the advice for businesses is to use strong encryption, limit data access to the minimum necessary personnel, and continuously review and update security practices to close potential vulnerabilities in systems.

You May Also Like…

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.