Beijing can likely track the movements and communications of those affected.
Federal law enforcement recently released a new advisory outlining the extent of Chinese state-backed hacking attempts against the United States and other nations.
The advisory outlines the previously unknown breadth and depth of several key cyberoperations backed by the Chinese Communist Party (CCP) and targeting the United States and other nations.
Here is what to know about the attacks.
Key CCP Cybercampaign Active Since 2019
Of key importance is the FBI’s acknowledgment that the Chinese hacking group known as Salt Typhoon has been active since at least 2019 and has infiltrated hundreds more organizations than previously known.
“Active since at least 2019, these actors conducted a significant cyber-espionage campaign, breaching global telecommunications privacy and security norms,” Brett Leatherman, head of the FBI’s Cyber Division, said in a pre-recorded statement.
“Beijing’s indiscriminate targeting of private communications demands our stronger collaboration with partners to identify and counter this activity at the earliest stages.”
The new advisory, jointly published on Aug. 27 by the Cybersecurity and Infrastructure Security Agency (CISA) and numerous international partners, augments a previous report released by the agency in 2024.
“[Communist China’s] state-sponsored cyber threat actors are targeting networks globally, including … telecommunications, government, transportation, lodging, and military infrastructure networks,” the new advisory reads.
China’s Hackers Involved
Hackers backed by the CCP have waged a cyberwar against the United States for years.
They have attempted to sabotage critical infrastructure, impersonate U.S. voters, and interfere in U.S. elections.
The Salt Typhoon hack first came to public view in autumn 2024, when then-vice presidential candidate JD Vance said Chinese hackers had breached his cellphone as part of the campaign.
Vance said at the time that the hackers were able to breach his phone using back-end infrastructure originally created to accommodate the Patriot Act and Foreign Intelligence Surveillance Act Section 702, which allows government surveillance of U.S. citizens under certain circumstances.
Major corporations such as Verizon, AT&T, and CenturyLink were among the companies then known to be targeted.
CISA acknowledged at the time that at least eight major telecommunications firms had been breached by the hackers and could access virtually all text and call metadata retained by those companies.
