Who are the Chinese Hackers Targeting the 2024 US Elections? How serious is the violation? Announced

Last Update:28 October 2024 15:59 IST

Chinese hacker group, codenamed Salt Typhoon by Microsoft, privately collects counterintelligence on critical American assets and institutions during political campaigns

Chinese hackers targeted phones used by people affiliated with the campaigns of Donald Trump and Kamala Harris. (Getty Images)

A group of Chinese hackers disrupted US telecommunications infrastructure after reports suggested voice calls of political figures, including Donald Trump’s campaign advisor, had been intercepted.

Reports also suggested that the Trump campaign team was informed that the Republican presidential candidate and his running mate, J.D. Vance, were among numerous individuals inside and outside the government whose phone numbers were targeted through the breach of Verizon phone numbers.

Reuters It was also reported that Chinese hackers also targeted phones used by people affiliated with Kamala Harris’s campaign.

The Federal Bureau of Investigation (FBI) and US cybersecurity have confirmed that they are investigating unauthorized access to commercial telecommunications infrastructure by a group of experts from China codenamed ‘Salt Typhoon’. According to reports, although officials did not name the Trump campaign in the statement, it is not clear what data was taken in the attack.

What is Salt Typhoon?

The Chinese group, codenamed Microsoft, is suspected of using sophisticated techniques to infiltrate large systems (more recently, American telecommunications companies). Microsoft has a practice of naming hacking groups after weather conditions: ‘typhoon’ for China-based hackers, ‘sandstorm’ for Iranian efforts and ‘snowstorm’ for operations carried out by Russia, according to The New York Times.

The term “salt” in the context of ‘Typhoon Salt’ refers to the group’s focus on counterintelligence rather than traditional cybercrime involving corporate data theft or financial fraud.

Salt Typhoon collects counterintelligence only on critical American assets and institutions during campaigns or political seasons.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement that they are continuing their ongoing collaborative efforts with private sector companies to strengthen cybersecurity defenses. “After the FBI identified specific malicious activity targeting the industry, the FBI and CISA immediately notified the affected companies, provided technical assistance, and quickly shared information to assist other potential victims.”

What Could Typhoon Salt Possibly Have Done?

According to US security officials, the data indicates that the group may have infiltrated major telecom companies, including but not limited to Verizon.

New York Times It was reported that devices used by Trump and Vance were among the targeted phones.

The group’s effort is believed to be part of a larger operation to gather intelligence on Democrats, including the staff of Vice President Harris and majority leader New York Sen. Chuck Schumer, according to the NYT.

How Serious Is Hacking?

Security agencies have classified the magnitude of the phone breach as potentially transformative. The consequences of the breach are thought-provoking: US officials acknowledge that they may never know the full extent of the compromised data and cannot be sure that hackers have been completely removed from these networks.

The data would be a wealth of useful intelligence that a foreign adversary like China could exploit. According to NYT, information obtained by ‘Salt Typhoon’ shows that American data networks are more vulnerable than authorities thought.

Officials also said hackers may have infiltrated information that could have far-reaching national security implications beyond the 2024 political campaign.

Wall StreetJournal Last month, it was reported that a cyberattack linked to the Chinese government had infiltrated the networks of some US broadband providers and was able to obtain information from systems used by the federal government’s FISA (Foreign Intelligence Surveillance) court in its wiretapping efforts.

Verizon spokesman Rich Young said: New York TimesIt was stated that the company was “aware that a highly sophisticated nation-state actor was targeting many US telecommunications providers to gather intelligence.” He said Verizon is assisting law enforcement with the investigation and is working to resolve any ongoing issues.

What about Iranian Hackers?

Microsoft said in a report published last week that hackers linked to the Iranian government were researching and reviewing websites related to elections in US swing states.

The survey of election-related websites took place in April but was only recently discovered by Microsoft analysts. According to Microsoft, hackers “also made discoveries on major US media outlets” in May.

Iran has sought to escalate tensions during the 2024 elections through hacking targeting Trump and encouraging protests against U.S. policy toward Israel, according to U.S. intelligence agencies.

according to CNN According to the report, there is no evidence that the Iranians’ reconnaissance and research, which often involves looking for vulnerabilities in websites, has progressed to attempts to hack those websites.

Iran’s Permanent Representation to the United Nations denied the allegations in its statement.