US to probe Chinese telco hacks that targeted Trump, Vance

A federal cyber review panel will open a probe into how Chinese hackers broke inside a swathe of U.S. telecommunications firms and attempted to eavesdrop on the phones of senior American officials, including former President Donald Trump and vice presidential nominee JD Vance, according to two people familiar with the matter.

In a statement, a spokesperson for the Department of Homeland Security, which helms the Cyber Safety Review Board, confirmed that it will “initiate a review of this incident at the appropriate time.” The Wall Street Journal first reported the investigation.

It comes just days after the Trump campaign was told that a Chinese hacking group Microsoft has dubbed Salt Typhoon infiltrated Verizon and was targeting call and text data from the phones of Trump and Vance, in what is believed to be a wide-reaching and potentially historic espionage campaign.

POLITICO reported Friday that federal investigators for now believe the Chinese targeted communications data from phones of roughly 40 people, including senior-ranking U.S. officials. Overall, investigators believe Salt Typhoon has penetrated inside at least 10 telecommunications providers, including AT&T, Lumen and Verizon.

The New York Times first broke the news of the attempted eavesdropping of Trump and Vance. The Washington Post and Wall Street Journal have reported that staffers to Senate Majority Leader Chuck Schumer (D-N.Y.) and the campaign of Vice President Kamala Harris were also targeted.

It is unclear what type of information the Chinese managed to access or how sensitive it is, since a portion of text and call traffic traversing the telecommunications backbone is encrypted.

But in one sign how serious the breach is, the White House earlier this month activated a rare emergency response process, known as a unified coordination group, to try to evict the Chinese hackers.

The Biden administration stood up the Cyber Safety Review Board three years ago to investigate major hacks — in particular, those necessitating a UCG — and develop guidance to prevent them in the future. It is not a regulatory or enforcement body, but it still carries significant influence.

Its last investigation was a searing report into the “inadequate” security culture at Microsoft that led the tech giant to make a raft of internal security changes.

It is unclear when the CSRB will kick off the investigation into the Salt Typhoon or what aspects of the group or the breach it will cover.

Chinese hacking crews like Salt Typhoon have for years broken into high-profile corporate and government organizations by exploiting vulnerabilities in so-called edge devices — such as routers, firewalls and VPNs — that sit between a private network and the internet.

The probe is also likely to cast fresh light on the telecommunications industry, which has suffered a raft of major cybercriminal breaches in recent years.