An important telecommunications service company in the United States, Ribbon Communications, confirmed on Wednesday that its internal network had been infiltrated by a “nation-state hacker” for nearly a year before it was discovered. The exposure of system security issues by this Texas-based telecommunications technology provider reflects a broader trend of cyber attacks targeting telecommunications companies.
According to a quarterly report submitted to the U.S. Securities and Exchange Commission (SEC) on October 23, the company acknowledged that the incident constituted a “significant network security risk,” but did not disclose the specific magnitude of losses.
The report revealed that Ribbon Communications detected abnormal activities in early September, with initial investigations showing that the hackers first penetrated the system in December 2024. The company indicated that the actions were believed to be linked to a foreign government, but the documents did not specify the country or the identity of the hackers involved.
A spokesperson for Ribbon Communications stated in an email that there is currently no evidence to suggest that the company’s “critical information” was stolen. The report stated that the hackers accessed “a small amount of customer files on two laptops outside the main network.” The spokesperson refused to disclose the specific content of the files, only mentioning that they involved “four outdated documents,” and confirmed that some small-scale customers were affected.
The company reported that the intrusion led to revenue fluctuations, disruptions in the supply chain, and further exacerbated overall network security risks. Ribbon Communications emphasized that they have engaged third-party network security experts to conduct a thorough investigation and strengthen protective measures to prevent similar incidents from reoccurring.
Ribbon Communications is a major U.S. provider of voice and data communication technology, serving clients such as Verizon, Lumen Technologies, Deutsche Telekom, SoftBank Group, TalkTalk Telecom Group in the UK, and Tata Group in India, as well as providing technical services to the U.S. Department of Defense, the University of Texas at Austin, the government of Los Angeles, and the city’s public library.
At a time when the threat to U.S. telecommunications infrastructure by nation-state hackers continues to rise, the Federal government has issued multiple warnings, highlighting critical communication networks as primary targets of foreign espionage activities.
In January of this year, the U.S. Department of the Treasury imposed sanctions on Chinese companies and individuals associated with the “Salt Typhoon” hacker group, accusing the organization of infiltrating at least eight U.S. communication companies with support from the Chinese authorities, stealing sensitive data as part of global cyber espionage activities.
The Federal Communications Commission (FCC) emphasized in a statement that “telecommunications networks are crucial to national defense, public safety and economic systems,” urging both government and businesses to enhance defenses to improve resilience against cyber attacks by hostile forces.
Academic research also emphasizes the importance of addressing these risks. According to a study from Eastern Kentucky University in 2024, attacks by nation-state hackers on critical infrastructure such as telecommunications and energy could lead to supply chain vulnerabilities and economic turmoil.
Former U.S. Army General Keith B. Alexander and former White House advisor Jamil N. Jaffer noted in a report in 2017 that modern strategic adversaries do not necessarily need to directly attack government institutions, as disrupting civilian or economic infrastructure can achieve significant strategic goals.
“In today’s age, attacking the civilian or economic infrastructure of the United States is often more effective for asymmetric warfare actors or state-sponsored proxy forces than directly targeting government institutions.”
The original article titled “Texas Telecom Company Discloses Cybersecurity Breach by Nation-State Hacker” was published in English in “Epoch Times.”