Date: 2024-12-12

News of the hack began trickling out in September, but the American government waited weeks to confirm the reports. Only this month did it begin briefing members of Congress and the media. Officials say a Chinese hacking group dubbed Salt Typhoon compromised at least eight of America’s telecoms networks. The intruders stole the call-record metadata of a “large number” of Americans. They gained access to the wiretap requests of security agencies—meaning they could work out if any Chinese spies or agents were under American surveillance. And they targeted phones used by officials and politicians, reportedly including Donald Trump, J.D. Vance and members of the Biden administration and the Harris-Walz campaign.

Mark Warner, the chairman of the Senate Intelligence Committee, has called it the “worst telecom hack in our nation’s history—by far”. After receiving a briefing from intelligence agencies, Brendan Carr, the incoming chair of the Federal Communications Commission, said: “It made me want to basically smash my phone.” The hackers remain inside the networks. American officials are struggling to understand how deeply they have penetrated. The government does not know when it will be able to root them out.

The work of Salt Typhoon is the latest demonstration of China’s hacking capabilities. In 2023 American officials discovered that intruders from another Chinese group, Volt Typhoon, were lurking inside networks attached to America’s critical infrastructure. (“Typhoons” are a naming convention used by Microsoft, a tech giant, for China-affiliated hacking groups. Russian groups are called “blizzards”, Iranian groups are “sandstorms”.) The Chinese weren’t disrupting anything, just checking in every six months to ensure they still had access. They had been doing this for five years before the hack was discovered.

The discovery of the Volt Typhoon intrusions was the first time American officials were able to find Chinese hackers “preparing for conflict on our networks”, says Brandon Wales, the former executive director of America’s Cybersecurity and Infrastructure Security Agency. Since then American officials have been sounding the alarm. China was called the “most active and persistent” cyber-menace in this year’s threat assessment by the American intelligence community. Christopher Wray, the outgoing FBI director, has said that even if every one of his cyber-agents and intelligence analysts worked exclusively on China, they would still be outnumbered by China’s hackers “by at least 50 to 1”.

China’s prowess at hacking is the result of more than a decade of investment by the government. The push under Xi Jinping, China’s leader, was motivated by a sense of threat, says Dakota Cary of the Atlantic Council, a think-tank. Mr Xi came to power in 2012, shortly after China discovered and executed more than a dozen of the CIA’s informants in the country. Then, in 2013, Edward Snowden revealed that America had been hacking hundreds of targets in China. In response, Mr Xi established a new agency and a Communist Party committee focused on cyber-security. The state certified some Chinese universities as “world-class cyber-security schools” and China’s top intelligence agency started sponsoring hacking competitions. (A recent report by Chinese universities said that the country is producing 30,000 new cyber-security experts each year.) The Ministry of Public Security has also made it harder for Chinese experts to share with the public vulnerabilities they discover in commonly used tech. These are now reported to the government.