Salt Typhoon Breaches Telecoms: CISA Urges E2EE
After a wave of data breaches targeting telecommunications companies across several nations, including the United States, the Cybersecurity and Infrastructure Security Agency (CISA) has strongly urged government officials and political figures to adopt messaging platforms that support end-to-end encryption (E2EE), such as Signal.
The breaches came to light in October when CISA and the FBI confirmed the compromise of several U.S. telecommunications providers, including T-Mobile, AT&T, Verizon, and Lumen Technologies. The attack has been attributed to the Chinese threat group known as Salt Typhoon, active in cyber-espionage since 2019. The perpetrators infiltrated the systems of these operators and remained undetected for several months.
While the recommendations primarily target high-profile individuals likely to be in the crosshairs of cyber-espionage campaigns, these precautions are beneficial for all users concerned about the security of their data. CISA warns that all mobile communications, whether personal or governmental, are vulnerable to interception or tampering.
The agency advises using applications with end-to-end encryption, such as Signal, to exchange messages securely across iOS, Android, and desktop platforms. Signal supports cross-platform messaging, ensuring robust security for its users.
CISA further recommends implementing phishing-resistant multifactor authentication and hardware security keys to safeguard accounts on platforms like Microsoft, Apple, and Google. Key measures include enabling advanced protection features, such as Google’s Advanced Protection Program and Apple’s Lockdown Mode.
Additional guidance from CISA includes discontinuing the use of SMS-based authentication, adopting password managers, and configuring PINs or passwords to mitigate the risk of SIM-swapping attacks.
Moreover, the agency underscores the importance of regular software updates to address vulnerabilities and advises using modern, up-to-date hardware to ensure reliable security.