US warns victims of Chinese cyber attacks have spread to 80 countries

The United States, together with law enforcement and intelligence agencies from multiple countries around the world, issued a warning on Wednesday (August 27th) that hacking activities initiated by the Chinese Communist government have affected at least 200 American institutions and reached 80 countries and regions.

This report was jointly released by the “Five Eyes Alliance” (the United States, United Kingdom, Canada, Australia, and New Zealand) as well as law enforcement and intelligence agencies from Finland, the Netherlands, Poland, and the Czech Republic, under the title “Combatting Chinese (CCP) government-supported hacker organizations that disrupt global networks to support global spy systems.”

The involvement of multiple countries highlights that Chinese cyber attacks have gone beyond globally recognized surveillance standards, and reflects the international community’s firm determination to resist malicious Chinese network attacks.

According to the report, Chinese hackers exploit known vulnerabilities in network software and equipment (including routers) to invade global networks, targeting sectors such as telecommunications, government, transportation, accommodation, and military infrastructure.

“Although these attackers focus on major telecommunications operators’ large-scale core routers and provider edge (PE) and customer edge (CE) routers, they also use infected equipment and trusted connections to infiltrate other networks. These hackers often modify routers to maintain persistent, long-term access to the network,” the report stated.

Brett Leatherman, Assistant Director and head of the FBI’s cyber division, stated that Chinese attacks have far exceeded the conventional realm of cyberspace operations, with indiscriminate attacks on global critical infrastructure.

“Our privacy is being invaded, not only in the United States but on a global scale,” he said.

Telecom hacking attacks are just one aspect of the Chinese government’s intensified attack operations, with active participation from the Chinese security sector. Evidence indicates that they have previously implanted destructive capabilities into foreign public infrastructure, including power and water companies.

Leatherman mentioned that the Chinese hacker group “Salt Typhoon” previously invaded nine American telecommunications companies, gaining deep access and extracting call records and some law enforcement directives.

He stated that this activity could enable Chinese spies to track Americans’ movements using mobile geolocation data, including their activities abroad.

Additionally, hackers have created relationship charts based on data analysis that show call targets and the surveillance targets of U.S. law enforcement, producing an intelligence landscape significantly different from the past.

The report named three Chinese private companies allegedly involved in the attacks: Sichuan Juxin Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd., and Sichuan Zhixin Ruiche Network Technology Co., Ltd. It stated that they provide services to multiple units of the CCP military and state security departments.

Leatherman said that Chinese network attacks have surpassed traditional espionage activities, with these Chinese network companies authorized to independently select attack targets, resulting in numerous victims across various industries, including accommodation and transportation.

“This indicates that the Chinese government is conducting broader, indiscriminate attacks on global critical infrastructure in a manner far exceeding the norms of cyberspace operations,” Leatherman said.

The FBI believes that it has essentially contained the intruders at present, and countries are now better equipped to detect the activities of Chinese hackers.

Leatherman cautioned that network threats from China persist, as these hackers have hidden re-entry points in various software to facilitate future invasions.

The joint alert released on Wednesday provides a detailed list of infected devices and technologies, as well as tips on how to find them within company networks and protect them from future attacks.

As is customary, Beijing denied involvement in cyber operations and instead accused the United States of smearing China.