In the wake of an unparalleled cyberattack targeting major U.S. telecommunications providers, including AT-&T, Verizon, and Lumen Technologies, federal officials have urged Americans to protect their communications by using encrypted messaging apps.Microsoft has dubbed the hacking campaign ‘[Salt Typhoon](https://cybersecuritynews.com/chinese-salt-typhoon-hacked-8-telecoms/)’ as one of the most significant intelligence compromises in U.S. history. Despite ongoing efforts, officials have acknowledged that the breaches have not yet been fully mitigated.On a media call Tuesday, U.S. officials declined to offer a timeline for resolving the crisis but called upon citizens to take proactive security measures. ‘Encryption is your friend,’ said Jeff Greene, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA). ‘Even if adversaries intercept the data, robust encryption makes it unusable.’**`Analyze cyber threats with ANYRUN’s powerful sandbox. Black Friday Deals : `[Get up to 3 Free Licenses](https://app.any.run/plans?utm_source=csn&utm_medium=article&utm_campaign=black_friday&utm_content=plans_1&utm_term=271124)`.`****A Massive Espionage Campaign**——————————–Hackers allegedly targeted sensitive telecommunications data to spy on American customers, identifying China as the likely perpetrator of the breaches. However, the Chinese Embassy in Washington denied involvement, stating in an email to NBC News, ‘China firmly opposes and combats all kinds of cyberattacks.’According to U.S. officials, the hackers accessed three primary types of information:1. **Call Metadata**: Records detailing which phone numbers were contacted and when, with particular focus on the Washington, D.C., area.2. **Live Phone Calls**: Conversations of specific targets, including political figures and government officials.3. **CALEA Systems**: Systems used to comply with the Communications Assistance for Law Enforcement Act, which handles sensitive court-ordered surveillance.The FBI has declined to notify individuals whose metadata was accessed, but confirmed that some targets—such as the 2024 presidential campaigns of Donald Trump and Kamala Harris, along with Senate Majority Leader Chuck Schumer’s office—were alerted after being specifically compromised.’This is not election interference,’ a senior FBI official clarified, adding that the breach appeared to be a ‘traditional espionage operation’ aimed at intelligence-gathering.Both CISA and FBI officials have recommended that Americans adopt encrypted messaging platforms such as **Signal** or **WhatsApp**, which automatically provide end-to-end encryption. Other tools, like Google Messages and iMessage, also offer similar protections.For further security, officials advised using mobile devices that receive regular software updates, implementing phishing-resistant multi-factor authentication, and encrypting both messages and calls.**Criticism of CALEA Vulnerability**————————————The breach has reignited debate over the vulnerabilities of the Communications Assistance for Law Enforcement Act ([CALEA](https://www.calea.org/)), which requires telecom providers to maintain systems enabling lawful surveillance. Critics argue that CALEA’s reliance on unencrypted systems leaves them exposed to foreign adversaries during cyberattacks.’Whether it’s AT-&T, Verizon, or Microsoft and Google, when these companies are inevitably hacked, China and other adversaries can steal that data,’ said Senator Ron Wyden, D-Ore., a leading privacy advocate.Officials acknowledged that the scope of the attack makes it ‘impossible’ to predict when the systems will be fully secure as agencies work to address the ongoing cyber threat.In the meantime, the FBI’s tempered remarks emphasize caution and vigilance. ‘This is a large-scale cyberespionage campaign,’ said the FBI official. ‘The methods employed were precise and advanced, yet they align with the wider framework of conventional cyberespionage.’As the investigation continues, U.S. authorities remain focused on both mitigating immediate risks and improving long-term cybersecurity defenses.**Free Webinar on Best Practices for API vulnerability -& Penetration Testing: [Free Registration](https://webinars.indusface.com/72-hours-to-audit-ready-api-security-a-proven-framework/register?utm_source=gbhackers-side-banner&utm_campaign=2024-dec-webinar-api-security&utm_medium=referral)**The post [U.S. Officials Warn Americans to Use Only Encrypted Messaging Apps](https://cybersecuritynews.com/u-s-officials-warn-americans-to-use-only-encrypted-messaging-apps/) appeared first on [Cyber Security News](https://cybersecuritynews.com).
Related Tags:
NAICS: 921 – Executive
Legislative
Other General Government Support
NAICS: 42 – Wholesale Trade
NAICS: 334 – Computer And Electronic Product Manufacturing
NAICS: 517 – Telecommunications
NAICS: 518 – Computing Infrastructure Providers
Data Processing
Web Hosting
Related Services
NAICS: 92 – Public Administration
NAICS: 922 – Justice
Public Order
Safety Activities
NAICS: 33 – Manufacturing – Metal
Electronics And Other
NAICS: 51 – Information
Associated Indicators: