White House says at least 8 US telecom firms, dozens of nations impacted by China hacking campaign

A top White House official says at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign
FILE - The American and Chinese flags wave at Genting Snow Park ahead of the 2022 Winter Olympics, in Zhangjiakou, China, on Feb. 2, 2022. A top White House official on Wednesday said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. (AP Photo/Kiichiro Sato, File)

Credit: AP

Credit: AP

FILE - The American and Chinese flags wave at Genting Snow Park ahead of the 2022 Winter Olympics, in Zhangjiakou, China, on Feb. 2, 2022. A top White House official on Wednesday said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. (AP Photo/Kiichiro Sato, File)

WASHINGTON (AP) — A top White House official on Wednesday said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign.

Deputy national security adviser Anne Neuberger offered new details about the breadth of the sprawling Chinese hacking campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.

Neuberger divulged the scope of the hack a day after the FBI and the Cybersecurity and Infrastructure Security Agency issued guidance intended to help root out the hackers and prevent similar cyberespionage in the future. White House officials cautioned that the number of telecommunication firms and countries impacted could still grow.

The U.S. believes that the hackers were able to gain access to communications of senior U.S. government officials and prominent political figures through the hack, Neuberger said.

“We don’t believe any classified communications has been compromised,” Neuberger added during a call with reporters.

She noted that because the hack appeared to be targeting a relatively small group of individuals, only a small number of Americans' phone calls and texts have been compromised. Neuberger added that impacted companies are all responding, but none “have fully removed the Chinese actors from these networks.”

“So there is a risk of ongoing compromises to communications until U.S. companies address the cybersecurity gaps the Chinese are likely to maintain their access,” Neuberger said.

She said that President Joe Biden has been briefed on the findings and that the White House “has made it a priority for the federal government to do everything it can to get to the bottom this.”

The Chinese embassy in Washington on Tuesday rejected the accusations that it was responsible for the hack after the U.S. federal authorities issued new guidance.

“The U.S. needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China,” embassy spokesperson Liu Pengyu said.

The embassy did not immediately respond to messages on Wednesday.

White House officials believe that the hacking was regionally targeted and the focus was on very senior government officials.

Federal authorities confirmed in October that hackers linked to China targeted the phones of then-presidential candidate Donald Trump and his running mate, Sen. JD Vance, along with people associated with Democratic candidate Vice President Kamala Harris.

The number of countries impacted by the hack is currently believed to be in the “low, couple dozen,” according to a senior administration official.

The official, who spoke on the condition of anonymity under ground rules set by the White House, said they believed the hacks started at least a year or two ago.

The suggestions for telecom companies released Tuesday are largely technical in nature, urging encryption, centralization and consistent monitoring to deter cyber intrusions.

If implemented, the security precautions could help disrupt the operation, which has been dubbed Salt Typhoon, and make it harder for China or any other nation to mount a similar attack in the future, experts say.

Neuberger pointed to efforts that have been made to beef up cybersecurity in the rail, aviation, energy and other sectors following the May 2021 ransomware attack on Colonial Pipeline.

“So, to prevent ongoing Salt typhoon type intrusions by China, we believe we need to apply a similar minimum cybersecurity practice,” Neuberger said.

The cyberattack by a gang of criminal hackers on the critical U.S. pipeline, which delivers about 45% of the fuel used along the Eastern Seaboard, sent ripple effects across the economy, highlighting cybersecurity vulnerabilities in the nation’s aging energy infrastructure. Colonial confirmed it paid $4.4 million to the gang of hackers who broke into its computer systems as it scrambled to get the nation's fuel pipeline back online.

___

Associated Press writer David Klepper contributed reporting.