U.S. officials are recommending Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers, citing a sprawling Chinese hacking campaign.
The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it hadn't been fully remediated as of Friday. Speaking on a call with reporters this week, officials refused to set a timetable for declaring the country’s telecommunications systems free of interlopers.
In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China’s intercepting their communications, NBC News reported.
“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” Greene said.
The FBI official said, “People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant” multi-factor authentication for email, social media and collaboration tool accounts.
The scope of the telecom compromise is so significant, Greene said, that it was “impossible” for the agencies “to predict a time frame on when we’ll have full eviction.”
At least eight U.S. telecom firms and dozens of nations have been impacted by the hacking campaign, according to a top U.S. official.
Local
The U.S. believes that the hackers were able to gain access to communications of senior U.S. government officials and prominent political figures through the hack, Deputy National Security Adviser Anne Neuberger said. She noted that because the hack appeared to be targeting a relatively small group of individuals, only a small number of Americans’ phone calls and texts have been compromised.
The Chinese embassy in Washington on Tuesday rejected the accusations that it was responsible for the hack after the U.S. federal authorities issued new guidance.
Feeling out of the loop? We'll catch you up on the Chicago news you need to know. Sign up for the weekly> Chicago Catch-Up newsletter.
“The U.S. needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China,” embassy spokesperson Liu Pengyu said.