close
close

What you need to know about the Chinese hackers who attacked the 2024 US presidential campaigns

What you need to know about the Chinese hackers who attacked the 2024 US presidential campaigns

WASHINGTON – A sophisticated hack of U.S. telecommunications systems has spread to the presidential campaigns, raising questions about the group behind the attack and the extent of its intelligence-gathering efforts.

It is unclear what data was obtained during the attack. This far-reaching operation has been linked to the Chinese government and is attributed to a group of experts called the Salt Typhoon.

Investigators believe the hackers targeted many well-connected Americans, including presidential candidates, reflecting the scale and potential severity of the hack.

What is a Salt Typhoon?

That’s the name Microsoft cybersecurity experts gave to a Chinese group suspected of using sophisticated techniques to hack into major systems – most recently those of American telecommunications companies.

The moniker is based on Microsoft’s practice of naming hacking groups by type of weather: “typhoon” for China-based hackers, “sandstorm” for Iran-based hacks, and “blizzard” for Russian-led operations. The second term, in this case “salt”, is used to indicate the type of hack.

Experts say Salt Typhoon appears to be focused primarily on counterintelligence purposes, unlike other hacking groups that might try to steal corporate data, money or other secrets.

What do US officials think the Salt Typhoon did?

National security officials have collected evidence that hackers were able to penetrate major telecommunications companies, including but not limited to Verizon.

The New York Times reported on October 25 that the phones attacked included devices used by former President Donald Trump and his running mateSenator J. D. Vance of Ohio.

The effort is believed to be part of a broad intelligence-gathering campaign also targeting Democrats, including Vice President Kamala Harris’ campaign staff and Sen. Chuck Schumer of New York, the majority leader.

How serious is this hack?

Homeland security officials are still trying to understand the severity of the breach. But they are very concerned that hackers linked to Chinese intelligence were able to gain access to US cell phones and data networks. Such information could provide useful intelligence to a foreign adversary such as China.

In some ways, the breach represents a continuation of the collection of data on target types that spies have been collecting for decades. In this case, however, the sheer quantity and quality of information that the Salt Typhoon was able to access may set this intrusion into its own category and suggests that US data networks are more vulnerable than officials believed.

What did the hackers get?

It’s still unclear at this stage. One of the main concerns among government officials is whether the group was able to observe any court-ordered investigative work, such as intelligence collection under the Foreign Intelligence Surveillance Act, a highly classified part of the American effort to root out spies and terrorists.

No one has yet suggested that hackers could operate inside the phones of individual victims. A more pressing issue would be if they could see who was communicating with candidates and elected officials, how often and for how long they spoke.

Such information could help any intelligence agency understand who is close to senior government decision makers.

People familiar with the investigation say it is not yet known whether the hackers were able to gain access to this type of information. Investigators are confident that the attackers targeted specific phone numbers associated with presidential campaigns, senior government officials, their employees and others.

Like the weather, hacking never stops, and the disruption of the Salt Typhoon may not have ended either. It’s also possible that the United States will never know what exactly the hackers got. NEW TIME