What you need to know about the series of US hacking attacks blamed on China

US officials say hackers linked to the Chinese government are responsible for security breaches at major US telecommunications companies and agencies.

The latest hack, announced on Monday, directed at the US Treasury Department, which called the hack a “major incident.”

Officials said the hackers were able to gain access to employees’ workstations and some unclassified documents. China denies its involvement.

It is the latest in a series of cyber attacks that have taken place in recent months against the US and other Western targets.

The Treasury Department hack followed news in late October that two major US presidential campaigns had been targeted.

The FBI and the Cybersecurity and Infrastructure Security Agency (Cisa) said the hack targeting the White House campaign was carried out by “actors associated with the People’s Republic of China.”

In September, there were reports of an operation that managed to breach the security of leading telecommunications companies.

The White House recently said at least nine companies were hacked, including telecommunications giants AT&T and Verizon.

And at the beginning of the year, in March, Seven Chinese citizens were charged in the hacking operation which lasted at least 14 years and targeted foreign critics of China, business and politicians.

Operations linked to Western governments with China have also targeted the UK Electoral Commission and the UK and New Zealand parliaments.

Although the full details have yet to be released, the hacks appear to be the work of several different units — each linked to the Chinese state, according to US authorities.

Hacker groups are nicknamed security firms. For example, the group behind the telecommunications hack is most commonly known as Salt Typhoon, a name given to it by Microsoft researchers. Other firms have dubbed it the Famous Sparrow, the Ghost Emperor, and the Land of Estra.

Salt Typhoon is believed to be behind the hacking of telecommunications networks. A separate group called Volt Typhoon, was accused of hacking organizations critical infrastructure for potential disruption attacks.

The seven Chinese nationals charged in the hack have been linked by US Justice Department officials to an operation known as Zirconium or the Panda Court.

Britain’s National Cyber ​​Security Center says the same operation targeted the emails of British parliamentarians in 2021.

The latest hacks appear to have targeted influential people and collected data that could benefit the Chinese government.

Among others, they targeted the phones of President-elect Donald Trump, Vice President-elect J.D. Vance and people working for Vice President Kamala Harris’ campaign.

The hackers also gained access to a database of phone numbers subject to wiretapping by law enforcement — knowledge that experts say could be used to identify foreign spies under surveillance.

And the data of millions of Americans could have been compromised as a result of attacks on telecommunications companies.

Richard Forna, assistant director of the University of Maryland, Baltimore County Cybersecurity Institute, said Chinese efforts have been aimed at different goals.

“It’s more of a general gathering of information, let’s see what we can get into and see what we can find,” he said.

US lawmakers from both parties have expressed concern about the hacks.

Senator Mark Warner, a Democrat, called Salt Typhoon’s activity “the worst telecommunications hack in our nation’s history.”

Brendan Carr, Trump’s pick to chair the Federal Communications Commission, said the intelligence briefing on the hack was “deeply, deeply troubling.”

“The information I heard made me want to smash the phone at the end,” he told CNBC.

FBI Director Christopher Wray recently said that the Salt Typhoon hacking of telecommunications companies was “the most significant cyber espionage campaign in Chinese history.”

He has previously said that China’s hacking program is bigger than (that of) all other major countries combined.

In addition to the charges against the seven Chinese nationals, US authorities earlier this month warned China Telecom Americas, the US subsidiary of one of China’s largest telecommunications companies, that it was a national security threat.

The company has 30 days to respond and could end up facing a ban.

In May The UK has sanctioned two individuals and Wuhan Xiaoruizhi Science and Technology Company Ltdwhich he said was related to Judgment Panda.

Trump’s incoming national security adviser Mike Waltz said foreign hackers should face “higher costs and consequences.”

Mr. Forna of the UMBC Cyber ​​Security Institute said the hacks were likely years in the making.

“China has traditionally taken a very long and strategic view of how they conduct espionage and intelligence operations,” he said. “The US tends to be much more reactive and much more interested in immediate and visible results.”

Chinese Foreign Ministry spokeswoman Maa Ning told a briefing that the accusations were “baseless” and “lacking evidence”.

“China has consistently opposed all forms of hacking and resolutely rejects the spread of false information targeting China for political purposes,” Ma said.

A Chinese embassy official said in a statement: “The US must stop using cybersecurity to slander and defame China, and stop spreading all kinds of misinformation about so-called Chinese hacking threats.”