Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
China Security

Chinese Hacked US Telecom a Year Before Known Wireless Breaches (bloomberg.com) 9

An anonymous reader quotes a report from Bloomberg: Corporate investigators found evidence that Chinese hackers broke into an American telecommunications company in the summer of 2023, indicating that Chinese attackers penetrated the US communications system earlier than publicly known. Investigators working for the telecommunications firm discovered last year that malware used by Chinese state-backed hacking groups was on the company's systems for seven months starting in the summer of 2023, according to two people familiar with the matter and a document seen by Bloomberg News. The document, an unclassified report sent to Western intelligence agencies, doesn't name the company where the malware was found and the people familiar with the matter declined to identify it.

The 2023 intrusion at an American telecommunications company, which hasn't been previously reported, came about a year before US government officials and cybersecurity companies said they began spotting clues that Chinese hackers had penetrated many of the country's largest phone and wireless firms. The US government has blamed the later breaches on a Chinese state-backed hacking group dubbed Salt Typhoon. It's unclear if the 2023 hack is related to that foreign espionage campaign and, if so, to what degree. Nonetheless, it raises questions about when Chinese intruders established a foothold in the American communications industry.
"We've known for a long time that this infrastructure has been vulnerable and was likely subject to attack," said Marc Rogers, a cybersecurity and telecommunications expert. "What this shows us is that it was attacked, and that going as far back as 2023, the Chinese were compromising our telecom companies." Investigators linked the sophisticated rootkit malware Demodex to China's Ministry of State Security, noting it enabled deep, stealthy access to systems and remained undetected on a U.S. defense-linked company's network until early 2024.

A Chinese government spokesperson denied responsibility for cyberattacks and accused the U.S. and its allies of spreading disinformation and conducting cyber operations against China.

Chinese Hacked US Telecom a Year Before Known Wireless Breaches

Comments Filter:
  • by Anonymous Coward
    "What this shows us is that..." Congress and telcos are either inept or complicit. FTFY!
  • by LostMyBeaver ( 1226054 ) on Thursday June 05, 2025 @12:28AM (#65428666)
    Every country has every other country hacked. No technical skills required, just blackmail, threats to loved ones, or big piles of money will buy access to any system.
  • Yes, but did they appropriately notify the senators about government surveillance on Senate-issued devices?
  • Especially on Windows, I've used 0 day exploits to take control of the machine, mainly for white hat purposes (sorry, college, more black hat then). One of my friends even got fired over white hat hacking and revealing security holes in the enterprise software we were developing and eventually whistleblowing when they tried security through obfuscation rather than fixing the problems. He sued and got like 6 million dollars.

    On UNIX/Linux, it is mostly an admin problem. Setting up a web server that issues web

  • Real winners fight harder. The losers just complain about the rules and refs.

    The YOB is trying to remake America in his own image. A nation of whiners, not winners.

    Me? I used to think we had better computer security experts than they did. Or maybe we did and chased all of them back to China? That could explain a lot of what's going on now...

    • by gweihir ( 88907 )

      Me? I used to think we had better computer security experts than they did. Or maybe we did and chased all of them back to China? That could explain a lot of what's going on now...

      Computer security experts can only do so much when the mainstream OS and applications are cheapest possible crap.

      • by Gleenie ( 412916 )

        Just put everything in the cloud! The cloud will solve all of your security and upgrade treadmill problems!

        Kids, if you're listening: when the cloud breaks, it may not be your fault, but it will definitely still be your problem.

    • I mean, attack is always easier than defense. Breaking into one system you need a few really good guys, securing a whole thing you need a whole organization. The article doesn't compare the offensive cybersecurity capabilities of the USA, which I assume are massive. It's not gonna say "oh look we infiltrated this super secret stuff" in head lines. Actually that there's never a peep of anyone reporting being infiltrated by the USA is telling, it means they're better.

Elegance and truth are inversely related. -- Becker's Razor

Working...