The U.S. cybersecurity sector has frequently issued warnings, accusing Chinese hackers of invading critical U.S. infrastructure through complex cyber attacks in an attempt to gain an advantage in a possible conflict between China and the United States. On November 22, Morgan Adamski, executive director of the U.S. Cyber Command, made it clear at the Cyberwarcon security conference in Arlington, Virginia that the cyber activities of Chinese hackers have a high degree of strategic intent, with the goal of "preparing for major crises or conflicts in the future."
The Cyber Command is an important combat agency of the U.S. Department of Defense, mainly responsible for military operations and defense in the cyber field. According to Adamski, these attacks on critical U.S. infrastructure are expanding in scope, and the motivation behind them points directly to the core of U.S. national security.
"Salt Typhoon" hacker group: shocking attack targets and techniques
A recent investigation report by the U.S. Federal Bureau of Investigation (FBI) revealed the activities of a Chinese hacker group called "Salt Typhoon". It is reported that the organization has frequently carried out high-level cyber espionage activities since 2020, and this time it directly targeted the U.S. telecommunications system.
The report shows that the "Salt Typhoon" hackers used a variety of technical means to infiltrate the networks of major telecom operators including T-Mobile, AT&T and Verizon, obtain user call records, text messages, and even monitor phone conversations. The stolen data involves high-value intelligence targets, including senior political officials and law enforcement personnel.
In addition to obtaining sensitive communication data, these attacks also revealed serious security vulnerabilities in the US telecommunications infrastructure. Federal agencies warned that such attacks not only pose a threat to privacy and security, but may also affect critical law enforcement and government communications.
Hackers' methods are complex and diverse: network experts are shocked by their adaptability
Cybersecurity experts said that the "Salt Typhoon" hackers demonstrated a high degree of technical ability. They used a combination of legitimate tools and proprietary malware to evade security detection. The complexity and flexibility of this method was described as "shocking."
These hackers carried out attacks in a variety of ways, including exploiting vulnerabilities in external network services and remote management tools to enter the system. Once successful, they will maintain access for a long time and continue to steal data. More worryingly, hackers can also dynamically adjust their strategies to respond to upgrades in target network security measures.
US top leaders are concerned: Historic threats directly hit national security
In an interview with The Washington Post, Mark Warner, chairman of the US Senate Intelligence Committee, pointed out that this attack on the telecommunications system may be "the most serious telecommunications hacking incident in US history." He emphasized that this incident highlights the vulnerability of the national communication system and called for strengthening the protection of infrastructure.
Warner figuratively said that "the door of the barn is still open" and that if no action is taken, the threat may spread further. He called on major US telecommunications companies to accelerate the deployment of stronger security protocols to deal with increasingly complex cyber attacks.
The official response of the Chinese Communist Party is absent, and the outside world questions its role behind the scenes
Although many US agencies have accused the "Salt Typhoon" hackers of being related to the Chinese Communist Party, the Chinese Communist Party has always denied participating in cyber attacks against US entities. In the face of US warnings, the Chinese Embassy in Washington has not yet responded to requests for comment.
The Chinese Communist Party's cyber strategy has always been known for its high degree of concealment. It is generally believed that the Chinese Communist Party accumulates technical intelligence through cyber espionage while weakening key areas of its opponents, thereby gaining an advantage in potential conflicts. This behavior not only exacerbated the tension between China and the United States, but also brought the world's attention to cybersecurity to an unprecedented level.
Reflecting on the crisis: How should the United States respond to cyber threats?
This incident once again reminded the United States that the cybersecurity issue of critical infrastructure is no longer just a technical problem, but also a core issue of national security. With the escalation of cyber attack methods, traditional defense strategies are obviously no longer able to cope with it.
Experts suggest that the United States should strengthen its response measures in the following aspects:
Improve the security protection of critical infrastructure: Conduct a comprehensive cybersecurity review of telecommunications, energy, and transportation, and deploy more advanced defense tools.
Strengthen international cooperation: Join allies to establish a cyber defense alliance, share intelligence and technology, and jointly fight against increasingly complex cyber threats.
Promote legislation and supervision: Through stricter regulations, require companies to increase their investment in cybersecurity, and at the same time formulate a clear accountability mechanism.
Strengthen the emergency response mechanism: Form a special team to quickly respond to potential major cybersecurity incidents and reduce the impact of attacks.
Cybersecurity will be an important battlefield for the Sino-US game
The confrontation between China and the United States in cyberspace has become a new focus of the game between major powers. In the face of escalating cyber threats, the United States needs to increase investment and actively innovate to gain a foothold in this invisible war. At the same time, this also reminds countries around the world that the security of cyberspace is not only related to national interests, but also a common challenge in the era of globalization.
In the future, only through technological progress and international cooperation can we effectively respond to this complex and potential threat and maintain global cyber security.