The advisory was issued on Wednesday by cyber defence watchdog the Australian Signals Directorate (ASD) and its Australian Cyber Security Centre (ACSC), alongside security agency counterparts from the US, Canada, and New Zealand.
The notice urged telecommunications companies to increase their network security in the wake of some US residents having their phone conversations, text messages, or related call and text records accessed.
For many people, this allegedly included metadata being stolen — which can include information on the dates, times, locations, and recipients of calls and text messages.
"We believe a large number of Americans' metadata was taken," a US official told local journalists on the condition of anonymity, as Reuters reported.
"We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on."
At least eight US telecommunications providers have been affected by the cyber espionage campaign, and hackers were likely to maintain some access to US networks, according to the White House.
The wide-ranging incursion came to light earlier this year, and while the threat has remained since, the true extent to which Salt Typhoon hackers still had access to critical networks around the world remained unclear.
The Australian government has not confirmed whether Australian telecommunication networks have been breached.
US senator Mark Warner, chairman of the country’s senate intelligence committee, told The Washington Post in November that the attacks were the "worst telecom hack in our nation's history — by far".
Chinese officials have denied responsibility and have previously described allegations of state-based hacking as disinformation, or false narratives.
Australian organisations urged to boost cyber security
Telcos and organisations working to defend communications infrastructure in Australia should “strengthen their visibility and harden devices against [People’s Republic of China]-affiliated and other malicious cyber actors”, ASD said in a statement.
“Our US partners have observed these actors compromising networks of major global telecommunications providers.
“Actors have focused on large US internet backbone routers, such as provider edge and customer edge routers.
“The compromises and malicious activity target exposed and vulnerable services, unpatched devices, and under-secured environments.”
ASD said it encouraged Australian organisations to maintain "high visibility” networks so that cyber defenders had “detailed insight into network traffic, user activity, and data flow” to help them detect potential threats.
The Australian government has accused China of being behind numerous cyber attacks and related security incidents in recent years.
In September, authorities said around 2,400 devices in Australia had been compromised by a China-backed cyber crime group.
In July, the Australian government blamed a series of cyber attacks on the Chinese government and a state-sponsored group known as APT40.
'Very senior’ US figures allegedly had calls hacked
Telephone calls involving “very senior” US political figures had been targeted and recorded by Salt Typhoon hackers this year, the White House alleged on Saturday.
Anne Neuberger, the US deputy national security advisor for cyber and emerging technology, said while the metadata of a large number of Americans had likely been stolen, officials believed “the purpose of the operation was more focused”.
"We believe ... the actual number of calls that they took, recorded and took, was really more focused on very senior political individuals," she said, as Reuters reported.
Neuberger did not reveal the names of anyone who was targeted, but said the US was “still investigating the scope and scale” of the hacking campaign.
The New York Times reported in October that phones used by then-presidential candidate Donald Trump, members of Trump's family, members of president Joe Biden’s administration, and officials at the US State Department had been targeted by China-linked hackers.
Asked about US reports of potential telecommunications attacks on 28 October, a spokesperson for China’s Ministry of Foreign Affairs, Lin Jian, said, “China urges the US to stop various types of irresponsible moves to blame the victim, stop cyberattacks globally, and stop using cyber security issues to vilify China.”
Neuberger said on Saturday that Biden had been briefed on the US government’s latest findings and the White House "has made it a priority for the federal government to do everything it can to get to the bottom of this".
US government officials reportedly told NBC News that citizens could use encrypted messaging apps — the likes of which include Facebook Messenger, Signal, WhatsApp, and Telegram — to minimise the chance of their communications being intercepted.
A US senate commerce subcommittee hearing is expected to discuss the Salt Typhoon hacking on 11 December, local time.
Source: acsinformationage