EXCLUSIVE — National Security Agency (NSA) Director General Timothy Haugh said the agency was investigating China-linked cyberattacks against three U.S. telecommunications firms, but the government had yet to complete “deep looks” into the case.
“We're really at an initial stage of the reporting,” Gen. Haugh told a small group of reporters Sunday, on the sidelines of the Cipher Brief’s 2024 Threat Conference.
“We'll certainly be doing deep looks with first, our domestic agency partners, and then as industry partners are identified and willing to be able to collaborate with them,” Gen. Haugh said. “But I think we are in the early days of an investigation.”
Multiple reports this weekend said that hackers tied to the Chinese government had penetrated the networks of AT&T, Verizon, and Lumen Technologies, and that the operation was likely aimed at accessing U.S. national security information.
The Wall Street Journal – which broke the story – said U.S. investigators believed the hackers may have accessed wiretap warrant requests. The Journal also reported that cybersecurity experts from Microsoft and Mandiant were assisting the government in its investigation.
Gen. Haugh declined to comment on the specifics of the investigation.
The Chinese Embassy in Washington, DC, denied the allegations, and said the U.S. was “politicizing cybersecurity issues to smear China.”
AT&T, Lumen and Verizon have yet to comment on the reports. The wiretap concerns are related to the fact that whenever a U.S. court issues orders for eavesdropping, telecommunications firms are legally obligated to allow federal authorities access to any related electronic information. If China has successfully penetrated the wiretapping system, that would represent a profound breach of U.S. national security.
A growing concern
The telecommunications case is the latest China-linked hack targeting U.S. firms and infrastructure. In recent years, the U.S. has accused China of supporting hacks against a broad range of targets in the U.S.: Chinese dissidents; American diplomats; U.S. companies; and – perhaps most alarming – local water, electricity and other infrastructure systems.
“I think what we see broadly from a PRC [People’s Republic of China] threat perspective is they’re going to be very aggressive at critical infrastructure collection operations and targeting our critical infrastructure,” Gen. Haugh said.
As The Cipher Brief has reported, U.S. officials believe that many of these infrastructure hacks are probes meant to infiltrate U.S. infrastructure in ways that would allow China to compromise those systems in the event of a U.S.-China conflict.
Other leaders in the U.S. Intelligence Community (IC) have warned of the difficulty in defending against the scale and scope of these attacks. FBI Director Christopher Wray said earlier this year that China has 50 times more government-backed hackers than the FBI’s roster of cyber personnel.
“Greatest challenge of our time”
In a speech to the Cipher Brief conference earlier Sunday, Gen. Haugh said China’s cyber operatives are “engaged every day in a deliberate campaign to steal our technology and target our national security systems and the defense industrial base.”
More broadly, he warned that the West faces “an unprecedented challenge…the greatest challenge of our time” in its competition with China.
“The scope and sophistication at which the PRC continues to grow its capabilities and extend its global reach is matched only by the sheer scale and speed of which it acts,” Gen. Haugh said. “It's a reality that it has intensified their actions in cyberspace, where the PRC represents the most daunting of our threats. China has the world's largest cyberspace operations workforce, engaged every day in a deliberate campaign to steal our technology and target.”
Gen. Haugh and several other speakers at The Cipher Brief event issued pleas for public-private sector collaboration to counter the China threat – what Gen. Haugh called a “whole of nation response” to the challenge.
“This is my ask for all of you,” Gen. Haugh said. “It will take actions on the part of our entire country, government, industry, and academia all moving as one to respond to the sweeping approach being carried out by PRC cyber actors.”
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief.
It’s not just for the President anymore. Cipher Brief Subscriber+Members have access to their own Open Source Daily Brief, keeping you up to date on global events impacting national security. It pays to be a Subscriber+Member.
