The Biden administration admitted that at least nine telecommunications companies were targeted in a major Chinese intelligence operation that exposed more than a million Americans.
The breach enabled China to access phone audio from top U.S. officials and politicians including Donald Trump, J.D. Vance, and members of Kamala Harris' presidential campaign.
The hacking operation began in mid-2023 and was still active this fall, when it was first reported on by The Wall Street Journal.
As far back as 2019, Chinese hackers have been testing weaknesses in critical U.S. infrastructure, the report said. National security adviser Jake Sullivan told telecommunications and technology executives at a secret White House meeting that hackers were capable of shutting down U.S. ports and power grids.
The ambitious scope and geopolitical nature of China's more recent hacks shows growing sophistication by Beijing, and a desire to cripple the U.S. in the event of a direct conflict over Taiwan's borders, the Journal reported.
A separate cyber-attack targeting telecom companies was focused on the Washington D.C. region, and exposed data for over one million users. The hackers were able to intercept phone audio from prominent individuals including Donald Trump.
The companies targeted, including telecoms giants like Verizon and AT&T, were briefed by government officials in summer 2024.
National security officials told the Journal that the hack was so thorough that it may be impossible to fully reverse. At least nine telecom companies were impacted, Biden's deputy national security adviser for cybersecurity, Anne Neuberger, said.
"They were very careful about their techniques,” said Neuberger said.
In addition to phone records, the hackers accessed the systems telecom companies use for court-ordered surveillance, which exposed a list of suspected Chinese agents being watched by the U.S. government.
The sleuths managed to lurk in the companies' surveillance systems for as long as 18 months until October, after the Journal first reported the breaches.
The hackers involved in the separate infrastructure attack targeted old home office routers belonging to ordinary Americans - like those manufactured by Netgear and Cisco - and used them as digital beachheads, the Journal said.
The FBI received court authorization to break into hundreds of routers remotely and neutralize the hackers, "essentially going into the homes of unsuspecting American victims, who had bought the routers years ago and had no idea their Wi-Fi network was secretly being used as a launchpad for an attack," the Journal noted.
Liu Pengyu, the spokesman for the Chinese embassy in Washington, said the U.S. is spreading "disinformation" about China's activities for geopolitical purposes.
"The US needs to stop using cybersecurity to smear and slander China, and stop spreading all kinds of disinformation about the so-called Chinese hacking threats," the spokesperson said.
