FBI cyber cop: Salt Typhoon pwned 'nearly every American'

In this era where information leaks are rampant, is information security just a declaration to give people peace of mind?

Michael Machtinger, Deputy Assistant Director for Cybersecurity at the Federal Bureau of Investigation (FBI), revealed that the Chinese government-backed hacker group "Salt Typhoon" has long infiltrated the U.S. telecommunications network, collecting communication and location data of hundreds of millions of people. He emphasized that this is an unprecedented large-scale cyber espionage operation, and that the data of nearly "every American" has a high probability of having been stolen. The infiltration, which began in 2019, was initially mistaken for intelligence activity targeting sensitive sectors, but it later became clear that ordinary citizens were also targets. The U.S. only disclosed this incident last autumn, and the latest investigation shows over 80 countries were attacked, with about 200 U.S. companies affected, including Verizon and AT&T.

According to public intelligence, Salt Typhoon can not only locate millions of mobile users by stealing telecom system data but also intercept network traffic and eavesdrop on call records. The victim list reportedly includes former President Donald Trump, Vice President JD Vance, and over 100 current and former senior White House officials. The operation is alleged to have close ties with certain Chinese tech companies, the Ministry of State Security, and the People's Liberation Army. Machtinger criticized the scale and indiscriminate nature of the operation as far exceeding the "norm" of typical espionage activities, and warned that the U.S. and its allies must address the issue of outdated cybersecurity infrastructure.

In addition to Salt Typhoon, U.S. authorities also warned that other Chinese hacker groups such as Volt Typhoon and Silk Typhoon are actively operating globally, infiltrating routers and cloud service providers and pre-positioning for potentially destructive cyberattacks. Machtinger also pointed out that Russia, Iran, North Korea, and transnational criminal groups continuously attack U.S. civilian and government systems, so the U.S. must upgrade its network infrastructure, phase out outdated equipment, and raise the cost and difficulty for hackers of breaching systems.

In the Hacker News discussion forum, some users pointed out that this is not merely a Chinese issue; the U.S. government's cybersecurity policies also warrant review. Many emphasized that the U.S. has set up numerous communication backdoors (such as the lawful interception systems required by the Communications Assistance for Law Enforcement Act), which have now become "ready tools" for hackers, allowing Salt Typhoon to easily infiltrate and monitor communications. Some users saw this as proof of the long-standing warnings about "government backdoors": once a backdoor is set, not only can the government listen in, but adversarial forces can also exploit it. Others questioned the credibility of the FBI, arguing that given the U.S. history of long-term concealment or manipulation of information, it's hard to fully trust official statements without independent third-party verification.

The discussion also highlighted that the U.S.'s earlier dominance of global surveillance (e.g., NSA's PRISM and Upstream programs) was treated as "normal," while China's ability to achieve a similar scale is deemed a "transgression," reflecting the new reality of information warfare. Some users suggested this would prompt the U.S. to further strengthen its surveillance and data collection, creating a more severe cycle of privacy invasion. Others warned that, besides China, the data brokering industry enables the purchase of large amounts of sensitive information in legal markets, indirectly fueling espionage activities. Overall, the tone of the discussion shows not only concern about Chinese hacker activities but also deep unease about U.S. government policies and global cybersecurity conditions.

https://news.ycombinator.com/item?id=45074157