U.S. federal officials urge the public to use encryption applications to secure their phones and messages, as eight American telecommunications companies have been hacked by the Chinese Communist Party, and the intruders have not been completely removed from the telecommunications infrastructure.
On Tuesday (December 3), U.S. officials warned at a press conference that due to the ongoing large-scale hacking activities targeting American telecommunications companies by the Chinese Communist Party, the best way for Americans to avoid being eavesdropped on by the CCP is to communicate using encryption technology.
Encrypted communication is a technique that encrypts information and requires a “key” to view or listen to the information. Therefore, when information passes through telecommunications infrastructure, third parties intercepting it would only see garbled code.
According to a report by the National Broadcasting Company (NBC) on Friday (December 6), telecommunications companies tend to temporarily store call and message records, such as which phone number dialed which phone or sent which message, when the call was made, and briefly store the contents of the message. However, they usually do not record the audio content of calls.
The report stated that this means that with activities like the hacking operation launched by the Chinese Communist Party known as “Salt Typhoon,” hackers are more likely to gain access to large amounts of call records and some stored message data.
For the general public, the simplest way to send encrypted messages or make encrypted calls is by using mobile applications like Signal or WhatsApp, as they enable end-to-end encryption. Through end-to-end encryption, each user has a unique code to decrypt messages sent to that account. Importantly, the companies that own and operate the applications cannot access this key, so even if they are hacked, they cannot decrypt encrypted messages.
Furthermore, these two applications also allow users to make encrypted calls between each other over the network.
The report mentioned that even if people do not use programs like Signal and WhatsApp, many Americans frequently use end-to-end encrypted messaging without realizing it.
For products like Apple’s iPhone, messages sent by users through “iMessage” to other Apple users or Google’s Google Messages users to other Google users automatically use Signal protocol encryption.
However, when iMessage users from Apple and Google Messages users from Google send messages to users using different messaging applications, such as when an iMessage user sends a message to a Google Messages user, these messages are only encrypted with Rich Communications Services. In the U.S., these services are handled by Google. This means that theoretically, such communications are hidden from telecommunications companies, and because they are not end-to-end encrypted, they are more likely to be seen by hackers infiltrating American telecommunications companies.
For phone calls, Google and Apple must be dialed through their respective calling applications—Google Fi and FaceTime—to provide encryption.
The FBI began investigating the Chinese hacker group “Salt Typhoon” in late spring or early summer.
Anne Neuberger, the Deputy National Security Adviser responsible for cybersecurity and emerging technologies in the Biden administration, said in a press conference on Wednesday that at least eight American telecommunications companies have been compromised.
U.S. media reports state that authorities have determined that the Chinese intelligence agencies infiltrated telecommunications companies such as AT&T, Verizon, and Lumen, accessing a large amount of Americans’ mobile call and message data, including several Washington officials and business figures.
In some cases, following the Chinese intrusion, they could even remotely listen to American phone calls, targeting members of the campaign teams of Republican presidential candidate Trump and Democratic candidate Harris, as well as members of Senate Majority Leader Schumer’s office.
China continues to deny these intrusion allegations, calling them “baseless attacks on China without any factual basis” by the United States.