The United States Capitol. (Photo by Lisa / Dajiyuan)
[People News] Recently, a hacking campaign orchestrated by a Chinese government-linked group has intensified just ahead of the U.S. presidential election, targeting the communications of U.S. political figures. This incident has sparked a significant political debate in the United States, with lawmakers warning of serious national security risks. Additionally, the Chinese government, while collecting massive amounts of data on its own citizens, has failed to secure it adequately, resulting in the data being sold online at low prices.
According to a report by Radio Free Asia, U.S. Senate Intelligence Committee Chairman Senator Mark Warner, a Democrat, stated on Thursday that a recent Chinese hacking operation targeting U.S. telecommunications systems was more extensive than previously imagined. He revealed that all major American telecom providers had been compromised.
Senator Mark Warner was referencing the "Salt Typhoon" hacking incident that occurred this summer. Previously reported by Radio Free Asia, the Chinese government-linked hacking group, known as "Salt Typhoon" by U.S. researchers, launched a large-scale espionage campaign targeting the communications of multiple U.S. political figures. The group intercepted phone call recordings and text messages from numerous individuals, including President-elect Donald Trump, his Vice President J.D. Vance, and members of their team. It has been confirmed that this group is connected to the Chinese government.
Timothy Heath, a China expert at the RAND Corporation, spoke to Radio Free Asia about the incident, calling it a severe blow to U.S. national security: "This is a very serious cyber-espionage operation. Targeting government officials indicates that China (the CCP) may be attempting to gather intelligence on U.S. government policies or find vulnerabilities to exploit against U.S. officials."
Heath further noted that the hack could have far-reaching consequences for U.S.-China relations: "This hacking incident will seriously damage U.S.-China relations and could prompt the incoming Trump administration to take punitive measures against China (the CCP). U.S.-China relations appear to be heading toward even deeper tensions."
Zack Cooper, a senior fellow specializing in U.S.-Asia policy at the American Enterprise Institute (AEI), offered a slightly different view:
Cooper told the reporter that this incident is unlikely to significantly disrupt U.S.-China relations: "If the reports are accurate, this represents an extremely dangerous vulnerability. This could help Beijing understand the behavioral patterns of U.S. national security agencies, and such information is highly valuable. … I believe the U.S. might protest this behavior, but such espionage activities rarely lead to further reactions from either side." He added: "Ideally, Congress would investigate and pressure U.S. telecom companies to improve their security measures. Unfortunately, for much of the damage already done, such efforts may come too late."
Espionage Specifically Targeting Trump Team
According to a report by The New York Times on Friday, the U.S. government is still working to determine exactly what information the Chinese hackers stole and the specific methods they used. Senator Warner described the incident as the most severe telecommunications hack in U.S. history, warning that until the investigation is complete, significant security vulnerabilities remain, putting the U.S. at great risk.
The report initially indicated that U.S. investigators believed "Salt Typhoon" accessed data by infiltrating the court system to steal court-authorized surveillance records, including personal text messages and call data. However, further investigation revealed that "Salt Typhoon" exploited aging infrastructure and vulnerabilities in interconnected systems to achieve a more extensive breach. Since the exposure of the incident, the group has ceased operations to avoid full detection by the U.S. government. However, Warner noted that the hackers have not been completely eradicated from U.S. telecommunications systems, and the full extent of their infiltration is still unknown.
The report clarified that the Chinese hackers were unable to eavesdrop on conversations conducted through encrypted applications like WhatsApp or Signal, nor could they intercept messages sent via Apple's iMessage system between two iPhones. However, the hackers were able to access standard SMS messages exchanged between iPhones and Android devices, as well as monitor regular phone calls. Additionally, they could collect metadata such as phone numbers dialed, call durations, and approximate locations of the devices involved.
The article stated that the hacking operation primarily targeted U.S. national security officials, political figures, and related personnel. Beyond "Salt Typhoon," other hacker groups may also have been involved, with one group reportedly focused specifically on monitoring the activities of Donald Trump and J.D. Vance.
Monitoring Systems Turn into Vulnerabilities: Chinese Officials Sell Citizen Data at Low Prices
While Beijing conducts rigorous surveillance of domestic citizens and cross-border monitoring of U.S. officials, its data protection practices leave much to be desired. According to a recent report by Wired, U.S. cybersecurity firm SpyCloud has discovered that the Chinese government, after amassing vast amounts of citizen data, has failed to safeguard it properly. Instead, internal personnel within China's surveillance agencies use their access privileges to sell large volumes of citizen information at low prices to anyone interested.
The report detailed that these black-market data transactions primarily occur on the encrypted messaging platform Telegram. Major vendors include groups like Carllnet, DogeSGK, and X-Ray, which operate services that attract thousands of participants. For payments in cryptocurrency or credits purchased via commonly used payment platforms, buyers can access personal information about others, such as names, emails, phone numbers, social media accounts, call logs, bank accounts, and marital records. For an additional few hundred dollars, buyers can even obtain passport images and geolocation data of their targets.
Liu Lipeng, a former content censor for Weibo, explained to reporters that such identity information services are commonly referred to as "data boxes." He noted that this industry has existed for years and is widely known among internet users:
"The sources of 'data box' information fall into two categories. One comes from website breaches since every platform requires real-name registration. … The more advanced 'data boxes' involve insiders directly accessing information for you. Sometimes, entire datasets are bundled and sold in bulk. The monetization methods are diverse."
Liu added: "This service essentially acts as a middleman, connecting buyers with insiders willing to use their access privileges to retrieve information. It has grown into a highly structured industry."
The report also revealed that data traders actively advertise on Telegram to recruit government insiders. These ads claim that insiders can earn between 10,000 and 70,000 yuan per day and promise risk mitigation measures, including training on anonymous withdrawals and cryptocurrency payments.
SpyCloud’s investigation found that the data trade also extends to targeting government officials. The organization successfully purchased personal information of senior Chinese Communist Party (CCP) officials and officers in the People’s Liberation Army (PLA). This underscores the "double-edged sword" problem: while massive data collection supports surveillance, it also exposes severe vulnerabilities in protecting this information.