On November 20, 2024, the FBI and CISA issued a warning about ongoing cyberattacks by the People's Republic of China (PRC) targeting U.S. telecommunications companies.

This warning follows reports from early October 2024, which revealed that a China-linked threat operation named Salt Typhoon had targeted major telecom providers in the U.S., including AT&T, Lumen Technologies, and Verizon.

The primary objectives of these attacks include stealing customer call records, compromising private communications of government and political figures, and accessing sensitive information related to U.S. legal cases.

Morgan Wright, chief security advisor at SentinelOne, emphasized the urgency of addressing the threat from China, noting that it transcends political administrations and requires bipartisan action.

NSA cybersecurity expert Evan Dornbush highlighted that the infiltration of U.S. organizations by Chinese threat actors is a longstanding issue, calling for a strategic response to deter such actions.

Wright also pointed out that China's cyberattacks extend globally, impacting not only telecommunications but also undersea cables.

Augusto Barros, vice president at Securonix, underscored the serious nature of the allegations against PRC-affiliated actors and stressed the importance of network encryption and secure authentication methods.

Experts recommend that organizations avoid SMS-based multi-factor authentication due to vulnerabilities associated with mobile network providers.

John Bambenek, president at Bambenek Consulting, noted that the recent warning reiterates the PRC's willingness to compromise telecom networks to target specific victims.