Major US telecom hack prompts security push after Salt Typhoon attack

Lawmakers have called for urgent measures to strengthen US telecommunications security following a massive cyberattack linked to China. The hacking campaign, referred to as Salt Typhoon, targeted American telecom companies, compromising vast amounts of metadata and call records. Federal agencies have briefed Congress on the incident, which officials say could be the largest telecom breach in US history.

Senator Ben Ray Luján described the hack as a wake-up call, urging the full implementation of federal recommendations to secure networks. Senator Ted Cruz warned of future threats, emphasising the need to close vulnerabilities in critical infrastructure. Debate also surfaced over the role of offensive cybersecurity measures, with Senator Dan Sullivan questioning whether deterrence efforts are adequate.

The White House reported that at least eight telecommunications firms were affected, with significant data theft. In response, Federal Communications Commission Chairwoman Jessica Rosenworcel proposed annual cybersecurity certifications for telecom companies. Efforts to replace insecure Chinese-made equipment in US networks continue, but funding shortfalls have hampered progress.

China has dismissed the allegations, claiming opposition to all forms of cybercrime. However, US officials have cited evidence of data theft involving companies like Verizon, AT&T, and Lumen. Congress is set to vote on a defence bill allocating $3.1 billion to remove and replace vulnerable telecom hardware.

Salt Typhoon cyberespionage operation raises alarm over US telecommunications security vulnerabilities

US government agencies are set to brief the House of Representatives on a widespread cyberespionage campaign allegedly linked to China. Known as Salt Typhoon, the operation reportedly targeted American telecommunications firms to steal call metadata and other sensitive information. A similar briefing was held for senators last week.

The White House revealed that at least eight US telecom companies had been affected, with data belonging to a large number of citizens compromised. Senator Ron Wyden is drafting legislation in response, while Senator Bob Casey expressed significant concern, noting that legislative action might be delayed until the new year.

On Wednesday, a Senate Commerce subcommittee will examine the broader risks posed by cyber threats to communication networks. Industry representatives, including Competitive Carriers Association CEO Tim Donovan, will contribute insights on best practices to counter such attacks.

China has denied the allegations, labelling them as disinformation, and reaffirmed its opposition to cyber theft. Officials and lawmakers continue to emphasise the gravity of the breaches, with Senator Richard Blumenthal calling the scale of Chinese hacking efforts ‘terrifying.’

FCC targets cybersecurity in the telecom sector

FCC Chairwoman Jessica Rosenworcel has proposed requiring US communications providers to certify annually that they have plans to defend against cyberattacks. The move comes amid growing concerns over espionage by ‘Salt Typhoon,’ a hacking group allegedly linked to Beijing that has infiltrated several American telecom companies to steal call data.

Rosenworcel highlighted the need for a modern framework to secure networks as US intelligence agencies assess the impact of Salt Typhoon’s widespread attack. A senior US official confirmed the hackers had stolen metadata from numerous Americans, breaching at least eight telecom firms.

The FCC proposal, which Rosenworcel has circulated to other commissioners, would take effect immediately if approved. The announcement follows a classified Senate briefing on the breach, but industry giants like Verizon, AT&T, and T-Mobile have yet to comment.

Chinese hackers stole metadata of numerous Americans, senior official reports

A senior US official revealed that a Chinese hacking group, known as ‘Salt Typhoon,’ has stolen vast amounts of Americans’ metadata in a broad cyberespionage effort targeting US telecommunications. While specific figures remain undisclosed, the hackers are said to have breached at least eight American telecom firms, including Verizon, AT&T, and T-Mobile.

Call record metadata — detailing who called whom, when, and where — was a key target, exposing sensitive personal and professional patterns. In some cases, telephone audio intercepts were also reportedly stolen. The campaign remains active, with the White House prioritising efforts to counter the intrusions.

Government agencies, including the FBI and the National Security Council, have briefed lawmakers and President Joe Biden on the matter, highlighting the severity of the breach. Efforts to secure the nation’s telecommunications infrastructure are ongoing.

Tensions rise over alleged election interference in Romania

Romania has been subjected to ‘aggressive hybrid Russian attacks’ during a series of recent elections, according to declassified documents from the country’s security council. The revelations come ahead of a presidential runoff between pro-Russian far-right candidate Calin Georgescu and pro-European centrist Elena Lasconi. Georgescu’s unexpected rise, attributed in part to coordinated promotion on TikTok, has raised alarms in this European Union and NATO member state.

Romanian intelligence reported over 85,000 cyber attacks exploiting vulnerabilities, including the publication of election website access data on Russian cybercrime platforms. The attacks persisted on election day and beyond, with officials concluding they stemmed from resources typical of a state actor. Russia has denied any involvement in the election.

If Georgescu wins, his anti-NATO stance and opposition to aiding Ukraine could isolate Romania from Western allies, marking a significant geopolitical shift. The alleged cyber campaigns have intensified concerns about election integrity in the region, drawing attention to the role of foreign interference in shaping democratic outcomes.

OpenAI enters defence sector with Anduril partnership

Anduril Industries and OpenAI have announced a partnership to advance AI applications for US national security. The collaboration will focus on enhancing counter-unmanned aircraft systems (CUAS), crucial for detecting and neutralising airborne drone threats.

By leveraging Anduril’s extensive CUAS data, AI models will be trained to respond to aerial threats in real time. OpenAI’s CEO, Sam Altman, highlighted the goal of safeguarding military personnel through these advanced AI solutions.

This partnership reflects the escalating global competition in AI-powered autonomous defence technologies, as nations like the United States and China race to innovate in automated military systems. Founded in 2017, Anduril specialises in autonomous systems, including drones and other tactical assets.

Axiado aims to block cyberattacks with hardware innovation

With organisations facing an average of 1,300 cyberattacks per week, Axiado is stepping up with a novel defence: a specialised security chip designed to protect digital infrastructure. Founded in 2017, the Silicon Valley-based startup recently secured $60M in Series C funding led by Maverick Silicon, with participation from Samsung Catalyst Fund and other investors. This brings Axiado’s total funding to $140M.

Axiado’s chip defends against boot-level and runtime security threats, ensuring the integrity of devices from data centres to 5G base stations. It uses root-of-trust technology to prevent hardware tampering and leverages AI-powered analytics to detect malicious data patterns. The company’s chip is positioned as a complement to existing software-based cybersecurity measures, acting as a last line of defence against sophisticated attacks.

The new funds will support Axiado’s go-to-market efforts and help transition its products into mass production by 2025. CEO Gopi Sirineni highlights the growing need for hardware-based security solutions, particularly as the stakes rise in the fight against cybercrime. With partnerships like the one with Jabil to develop server cybersecurity solutions, Axiado is set to expand its reach while competing with industry heavyweights and open-source projects such as Google’s OpenTitan.

US official advises encryption amid alleged Chinese hacking efforts

A senior United States cybersecurity official has urged Americans to embrace encryption to safeguard their communications, citing ongoing efforts to expel alleged Chinese hackers from US telecom networks. Jeff Greene, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), emphasised the importance of avoiding plaintext communications and recommended encrypted apps like Signal and WhatsApp.

US authorities have accused hackers from China of infiltrating telecommunications companies, such as T-Mobile, to access sensitive data, including call records and intercepted audio, predominantly from Washington, DC. Beijing has denied the allegations, calling them disinformation. Greene acknowledged that removing the hackers entirely from the networks could take an unpredictable amount of time, further underscoring the need for encryption to ensure secure communications.

The advice marks a notable shift from previous US government positions that questioned strong encryption’s impact on public safety. As concerns over foreign cyber intrusions grow, Greene’s remarks highlight encryption as a critical tool for Americans facing prolonged cybersecurity threats.

UK cyber security under growing threat

Hostile cyber activity targeting the UK has surged, with incidents increasing by 16% in 2024 compared to the previous year. The National Cyber Security Centre (NCSC) reported handling 430 incidents, up from 371 in 2023. Of these, 347 involved data exfiltration, while 20 were linked to ransomware, underscoring the growing risks.

Richard Horne from the NCSC revealed that adversaries are exploiting society’s reliance on technology to maximise disruption. The centre issued 542 notifications to affected organisations, more than doubling the number of alerts from the previous year. Critical infrastructure sectors such as energy, transport, and health remain particularly vulnerable to ransomware attacks.

The annual review from the NCSC emphasised the evolving nature of threats, warning of the potential for AI to enhance cyberattack complexity. Officials also noted that the risks posed by state actors and cybercriminals remain underestimated. Horne urged against complacency, highlighting the severity of both immediate and long-term dangers.

Efforts to counter these threats are intensifying, but experts stress the importance of strengthening defences and maintaining vigilance as the cyber landscape becomes increasingly hostile.

Cybersecurity chief warns of rising cyber risks in the UK

The UK faces an escalating cyber threat from hostile states and criminal gangs, according to Richard Horne, head of the National Cyber Security Centre (NCSC). In his first major speech, Horne warned that the severity of these risks is being underestimated, citing a significant rise in cyber incidents, particularly from Russia and China. He described Russia’s cyber activity as ‘aggressive and reckless’ while noting that China’s operations are highly sophisticated with growing global ambitions.

Over the past year, the NCSC responded to 430 cyber incidents, a marked increase from the previous year. Among them, 12 were deemed especially severe, a threefold rise from 2023. The agency highlighted the growing threats to critical infrastructure and supply chains, urging both public and private sectors to strengthen their cyber defences. The UK also faces a growing number of ransomware attacks, often originating from Russia, which target key organisations like the British Library and healthcare services.

Horne emphasised the human costs of cyber-attacks, citing how these incidents disrupt vital services like healthcare and education. The rise in ransomware, often linked to Russian criminal gangs, is a major concern, and the NCSC is working to address these challenges. The agency’s review also pointed to increasing cyber activity from China, Iran, and North Korea, with these states targeting the UK’s infrastructure and private sector.

Experts like Professor Alan Woodward of Surrey University echoed Horne’s concerns, urging the UK to step up its cybersecurity efforts to keep pace with evolving threats. With adversaries growing more sophisticated, the government and businesses must act swiftly to protect the country’s digital infrastructure.