Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

Functional cookies, also known as functionality cookies, enhance a website's performance and functionality. While they are not strictly necessary for the website to function, they provide additional features that improve the user experience.

 

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

Always Active

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Targeting cookies, are used to deliver advertisements that are more relevant to the user's interests. These cookies track a user’s browsing habits and behavior across websites, enabling advertisers to create targeted ad campaigns and measure their effectiveness

Hackers team engaging in governmental espionage and using phishing techniques

PRC Cyber Espionage Campaign Targeting Telecom Infrastructure

Winncom-170

Washington, D.C. — The U.S. government has uncovered a wide-ranging cyber espionage campaign by actors affiliated with the People’s Republic of China (PRC), targeting critical telecommunications infrastructure across the nation. This investigation, led by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), has revealed that these PRC-linked actors have compromised networks at multiple telecommunications companies to facilitate the theft of sensitive data and private communications. The findings expose a sophisticated operation aimed at accessing customer call records, intercepting private communications, and extracting data under U.S. law enforcement protection. 

Among the most concerning revelations is the targeting of individuals involved in government and political activities. The actors appear to have focused on gathering intelligence by exploiting vulnerabilities within telecom networks, compromising data protected under court orders. As the investigation unfolds, the FBI and CISA are intensifying efforts to assist affected organizations and bolster the resilience of the telecommunications sector. “Our goal is to protect critical infrastructure and ensure the confidentiality of communications,” said CISA Director Jen Easterly. “We urge any organization that suspects it may be a victim to contact their local FBI field office or CISA immediately.” 

CISA and the FBI have been providing technical assistance to mitigate the impact of these intrusions. This includes sharing threat intelligence, offering guidance on best practices for cyber defense, and coordinating with industry partners to improve overall cybersecurity posture.

Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) continue to render technical assistance, rapidly share information to assist other potential victims and work to strengthen cyber defenses across the commercial communications sector. We encourage any organization that believes it might be a victim to engage its local FBI field office or CISA.

For detailed information on protecting your organization and reporting incidents, visit the FBI’s cybercrime resource page, FBI Cyber Crime Resources, or CISA’s advisory siteCISA Cybersecurity Alerts.

This discovery comes amid rising tensions between the U.S. and China over cybersecurity issues. It underscores the ongoing challenges in securing critical infrastructure against state-sponsored cyber operations. As more details emerge, the U.S. government will likely ramp up efforts to strengthen defenses and hold malicious actors accountable.

Read the full press release here:  NSA Joins in Releasing Case Studies Showing PRC Tradecraft in Action

Read the full report here: APT40 Advisory PRC MSS tradecraft in action

Ad_TwoHops_1040

AGL Staff Writer

AGL’s dedicated Staff Writers are experts in the digital ecosystem, focusing on developments across broadband, infrastructure, federal programs, technology, AI, and machine learning. They provide in-depth analysis and timely coverage on topics impacting connectivity and innovation, especially in underserved areas. With a commitment to factual reporting and clarity, AGL Staff Writers offer readers valuable insights on industry trends, policy changes, and technological advancements that shape the future of telecommunications and digital equity. Their work is essential for professionals seeking to understand the evolving landscape of broadband and technology in the U.S. and beyond.

More Stories

Enable Notifications OK No thanks