U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack

https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694

https://www.msn.com/en-us/technology/cybersecurity/u-s-officials-urge-americans-to-use-encrypted-apps-amid-cyberattack/ar-AA1vdjLj

https://www.reuters.com/technology/cybersecurity/us-official-fighting-chinese-telecom-intrusions-urges-more-encryption-2024-12-03/

https://gizmodo.com/fbi-warns-americans-to-start-using-encrypted-messaging-apps-2000533800

FBI and CISA officials said it was impossible to predict when the telecommunications companies would be fully safe from interlopers.

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers.

A spokesperson for the Chinese Embassy in Washington did not immediately respond to a request for comment.

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China’s intercepting their communications.

“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” Greene said.

The FBI official said, “People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant” multi-factor authentication for email, social media and collaboration tool accounts.

The scope of the telecom compromise is so significant, Greene said, that it was “impossible” for the agencies “to predict a time frame on when we’ll have full eviction.”

The hackers generally accessed three types of information, the FBI official said.

One type has been call records, or metadata, showing the numbers that phones called and when. The hackers focused on records around the Washington, D.C., area, and the FBI does not plan to alert people whose phone metadata was accessed.

The second type has been live phone calls of some specific targets. The FBI official declined to say how many alerts it had sent out to targets of that campaign; the presidential campaigns of Donald Trump and Kamala Harris, as well as the office of Senate Majority Leader Chuck Schumer, D-N.Y., told NBC News in October that the FBI had informed that they had been targeted.