By David E. Sanger and Julian E. Barnes
The New York Times
WASHINGTON — China’s recent breach of the inner workings of U.S. telecommunications systems goes deeper than the Biden administration has let on, the head of the Senate Intelligence Committee said Thursday, adding that the hackers can listen to phone conversations and read text messages.
“The warehouse door is still open, or mostly open,” the Democratic chair, Sen. Mark Warner of Virginia, a former telecommunications executive, said in an interview Thursday.
Warner said he was stunned by the scope and depth of the breach, which was carried out last year by a group linked to Chinese intelligence that Microsoft, whose cybersecurity team detected the hack in the summer, called Salt Typhoon. Government officials are struggling to understand what China achieved and how it could monitor the conversations of several well-connected Americans, including President-elect Donald Trump and Vice President-elect J.D. Vance.
At first, the FBI and other investigators believed the Chinese hackers used stolen passwords mostly on a system that taps telephone conversations and texts under court orders. It is managed by several of the country’s telecommunications firms, including the three largest – Verizon, AT&T and T-Mobile. But in recent days, investigators have discovered just how deep China’s hackers had moved across the country, exploiting aging equipment and seams in the networks connecting disparate systems.
Since the hack was revealed, the Chinese infiltrators have apparently disappeared, their intrusions suspended, so their full activity remains undetected, U.S. officials said. But Warner said it would be wrong to conclude that the Chinese were kicked out of the country’s telecommunications system, or that investigators even knew how deeply embedded they were.
“We haven’t found them everywhere,” Warner said.
The committee has received briefings from the government about the hack, and Warner has spoken with telecommunications executives.
China has been a source of hacking concerns for two decades. At first the biggest problem was the theft of intellectual property, such as chip designs and military equipment projects. Among them was the US’s latest fighter jet, the F-35, whose blueprints were stolen by China from US military contractors. Then, during the Bush and Obama administrations, China’s focus shifted to targeting US government officials, including the theft of security clearance files for more than 22 million Americans.
Russia took a different route. Late in Trump’s first term, it put code into products made by a company called SolarWinds, which provided software to the federal government and some of America’s largest companies. Moscow-backed hackers also infiltrated the network of Colonial Pipeline, a major gas and fuel distributor, disrupting gasoline supplies in the first year of the Biden administration.
But Chinese activity in the past year has taken those interventions to a new level, Warner said Thursday. “This is the most serious telecom hack in our history,” he said. “It makes Colonial Pipeline and SolarWinds look like small potatoes.”
He said that just in the past week it had become clear that “every major provider has been broken.”
Hackers were not able to eavesdrop on conversations on encrypted applications, such as WhatsApp or Signal. Nor can they read encrypted messages, such as those sent from one iPhone to another over Apple’s iMessage system. But they can read regular text messages between iPhones and Android phones, for example, or eavesdrop on phone calls over normal telephone networks, much as the government could if it had a legal order.
Chinese national security officials went after conversations with politicians and some of their staff, investigators have concluded. A senior official involved in the investigation said there could be several Chinese groups at work, noting that one of them may have focused on Trump and Vance.
“It wasn’t the same as constantly tapping your phone 24/7,” Warner said. Instead, he said, they can listen to specific targets for a specific period of time.
Investigators believe that, until now, Chinese hackers do not have the ability to go back into the records they accessed and listen to past calls. But they can collect metadata about previous calls — the phone numbers called, the length of calls and perhaps the rough location of cell phones. Even if they didn’t listen to many calls, the amount of metadata and geolocation data the Chinese have collected on key US officials is alarming.
Warner said it’s important to let investigators continue their work to explore the extent of the penetration and learn more. But he said it was critical that the public understand that the intrusion was not limited to Washington, but was far broader and that significant risks were exposed.
“We have to tell the American people that,” Warner said. “People need to know.”
Similar hacks in Australia and Britain have forced authorities there to adopt minimum standards, and Warner said he hopes the revelations of the Chinese hack will lead to stronger standards in the United States.
This article was originally published by The New York Times.