Chinese Government Hacks Verizon, AT&T and Lumen Using US Government Backdoors
Alternate Title: There's no way to ensure only the good guys use backdoors
Summary
Chinese-backed hackers, identified as the group “Salt Typhoon,” have compromised the wiretap systems of major U.S. telecom and internet providers AT&T, Lumen, and Verizon, likely to gather intelligence on Americans. The wiretap systems were established under the 1994 Communications Assistance for Law Enforcement Act (CALEA), which mandates that telecom and internet providers create backdoors for government surveillance. Security experts and encryption advocates have long warned about the risks associated with these backdoors, which have now been exploited by malicious actors. The breach is seen as a warning of the potential catastrophic consequences of maintaining such systems, which can be exploited by both state-sponsored attackers and other bad actors.
Breakdown
Incident Overview
Chinese-backed hackers known as “Salt Typhoon” infiltrated wiretap systems of major U.S. telecom and internet providers, including AT&T, Lumen, and Verizon.
The compromised systems are designed to enable government surveillance under the Communications Assistance for Law Enforcement Act (CALEA), which became law in 1994.
These systems provide nearly unfettered access to customer data, including internet traffic and browsing histories.
Implications of the Breach
The breach could allow the collection of vast amounts of internet traffic from these companies.
The full scope and goals of the Chinese campaign are not yet known, but national security experts have called the breach “potentially catastrophic.”
Expert Opinions
Matt Blaze, a professor at Georgetown Law and expert on secure systems, stated that the breach was “inevitable,” highlighting the inherent security risks of maintaining backdoors.
Riana Pfefferkorn, a Stanford academic and encryption policy expert, criticized the CALEA mandate, arguing that such backdoors expose vulnerabilities rather than provide security.
Legal and Policy Background
CALEA was enacted to facilitate lawful surveillance by requiring telecom and internet providers to build wiretap systems.
The law’s requirements were expanded after the 9/11 attacks, with the Patriot Act and other surveillance laws increasing wiretapping activities and establishing a wiretapping industry.
Historical Context and Repercussions
Former NSA contractor Edward Snowden’s 2013 revelations exposed the extent of government surveillance, including data collection on U.S. citizens.
In response, technology companies increased encryption measures, making it harder for the government to access customer data without a lawful order.
Current State of Encryption and Surveillance
While tech companies have moved to encrypt customer data, telecom and internet providers have done little to secure their networks, leaving them vulnerable to wiretaps.
Governments around the world continue to push for laws that undermine encryption, leading to ongoing debates about the balance between security and privacy.
Warnings from Security Experts
Security experts argue that backdoors cannot be securely implemented, as they create vulnerabilities that can be exploited by malicious actors.
Signal and other organizations warn that the recent breach is a cautionary tale, demonstrating the dangers of legislated backdoors.
Future Considerations
The breach may lead to renewed discussions on the effectiveness and safety of surveillance laws like CALEA.
The incident serves as a reminder of the need for stronger encryption and security measures to protect against similar exploits in the future.
Citations
https://techcrunch.com/2024/10/07/the-30-year-old-internet-backdoor-law-that-came-back-to-bite/