- Vulnerable U
- Posts
- Government Wiretaps in U.S. Internet Providers Infiltrated by Chinese Hackers
Government Wiretaps in U.S. Internet Providers Infiltrated by Chinese Hackers
U.S. spying on it's citizens and China taking advantage of that backdoor for months before anyone realizing.
Why it matters: The intrusion could give Chinese intelligence access to court-authorized wiretap requests and vast amounts of internet traffic, undermining U.S. law enforcement and intelligence operations.
Key points:
The attack targeted major U.S. broadband providers, including AT&T, Verizon, and Lumen Technologies (Source: WSJ)
Hackers may have had access for months to systems used for lawful wiretapping requests
The breach is considered "historically significant and worrisome" by U.S. officials
The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers.
Manufacturers of networking and phone gear must follow specific standards for 'lawful interception' in different jurisdictions (e.g. CALEA & ETSI's standards)
But as we learn time & time again, the scope of potential access & harm almost never matched by efforts to detect &… x.com/i/web/status/1…
— John Scott-Railton (@jsrailton)
4:14 PM • Oct 5, 2024
So, here's the deal: We've got the U.S. government doing its thing, you know, keeping tabs on folks through these court-authorized wiretaps. It’s "for our own good," they say. The same arguments come up when they say they need backdoors into all encryption. “Save the children!” they cry in order to absolutely decimate your privacy.
Then we ask who's watching the watchers, right? Well turns out China is watching the watchers. AND THIS IS WHY WE DON’T LIKE BACKDOORS. - If there is a backdoor, there is no guarantee the “good guys” (quotes doing heavy lifting here) are the ones who use it.
Enter China, stage left… or more like stage dead center in your face, not even trying to hide it.
These government-sponsored hackers apparently thought, "Hey, why do all the hard work ourselves when we can just piggyback on what the U.S. is already doing?" It's like they put a backdoor in the backdoor.
They've gained access to all this great pre-collected intel without having to lift a finger to spy on individual Americans themselves.
We've got the U.S. spying on its citizens (legally, they insist), and then China comes along and says, "Don't mind us, we'll just help ourselves to these wiretaps."
This breach could have been going on for months before anyone noticed. It makes you think, there’s no way this is the only one like it, right?
The WSJ article speculates on the initial point of compromise involving Internet edge devices like some Cisco network devices. I’ve reported on the FBI’s concern of China’s compromise of edge devices and laying in wait before.