[ad_1]
US telecommunications giant It is under constant attack from Chinese hackers. A federal investigation has revealed massive cyber espionage by the Chinese government. It targets US telecommunications networks. to steal American information A senior White House official confirmed that at least eight US telecommunications companies were affected by the hack.
To combat this, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued guidance for telecom companies to help them detect and block hackers while preventing future attacks. I break down the details of this Chinese hacking campaign and share tips for keeping your data safe.
Receive security alerts EXPERT TIP – SUBSCRIBE TO THE KURT NEWSLETTER – CYBERGUY REPORT HERE
Illustration of a hacker at work (Kurt “Cyber Guy” Nutsson)
What you need to know about China’s hacking campaign
According to the FBIBeijing-linked hackers have infiltrated the networks of “several” telecom companies to gain access to customer call records and their private communications. “Limited number of people” as this is an espionage campaign So they don’t care about the average Joe’s text messages or call history, but their target is Americans involved in government and politics.
Hackers also try to copy “Some information is subject to requests from U.S. law enforcement agencies. According to the FBI, this suggests they may be attempting to violate the program as it would under the Foreign Intelligence Surveillance Act. which allowed the US spy agency Track communications of individuals suspected of working for foreign powers.
Earlier this month, Deputy National Security Adviser Anne Neuberger shared new details about the scale of China’s hacking campaign. According to Neuberger, the U.S. believes hackers gained access to communications from high-ranking government officials. and important political figures
She explains that while hackers focus on a relatively small group of individuals, But a limited number of Americans’ calls and texts were compromised. Neuberger also said affected telecom companies were working to fix the breach. But no one has been able to completely remove Chinese hackers from their networks.
It is believed that the campaign started one or two years ago. Related news agencies– Authorities suspect that a Chinese hacker group known as Salt Typhoon is behind the operation.
Illustration of a hacker at work (Kurt “Cyber Guy” Nutsson)
Here’s what ruthless hackers stole from 110 million AT&T customers
How can hackers gain access to sensitive information?
Experts believe Salt Typhoon was able to gain access to call records and private communications by leveraging decades-old backdoors at major telecom carriers, including AT&T and Verizon.
“The irony is that the backdoor that the Chinese exploit is the same backdoor that federal law enforcement agencies use for legal surveillance purposes,” said John Ackerly, CEO and co-founder of Virtru Data. The security-centric company told CyberGuy.
This loophole is a result of the law. Communications Assistance for Law Enforcement Act (CALEA), a federal law that enforces backdoors in critical telecommunications infrastructure. CALEA gives law enforcement agencies access to telephone records and metadata. Including facilitating telephone wiretapping. as part of an authorized investigation
“The problem with the back door is simple. They did not choose Backdoors created for law enforcement are inherently weak points in the system. And when loopholes exist Anyone who finds them can exploit these vulnerabilities. “Both good guys and bad guys can get in the back door,” said Ackerly, who previously served as a White House technology adviser.
Illustration of a hacker at work (Kurt “Cyber Guy” Nutsson)
Beware of encrypted PDF files, this is the latest trick to deliver malware to you.
The solution is end-to-end encryption.
To protect private conversations and calls Cybersecurity experts recommend using end-to-end encrypted platforms. Jeff Greene, assistant director of cybersecurity at CISA, urged Americans to prioritize encrypted communication tools.
“Use your encrypted communications where you have them,” Green advises, emphasizing the importance of secure platforms. He added: “We definitely have to do that. By looking at what it means in the long run. How do we secure our network?”
FBI officials warn that people should “Use a mobile phone that receives automatic operating system updates. Responsibly managed encryption and anti-phishing MFA for email accounts. social media and collaboration tools”
However, cybersecurity experts warn that these measures are not foolproof. The term “responsibly managed encryption” is problematic because it is intended to leave room for “responsible encryption.” “lawful access” such as backdoors required by CALEA
“It is clear that backdoor encryption is completely irresponsible,” Ackerly said. End-to-end encryption must be acknowledged and supported as a stronger defense against foreign adversaries.”
Illustration of a cyber security expert at work (Kurt “Cyber Guy” Nutsson)
What to do if your bank account is hacked
10 ways to protect your personal information from cybersecurity threats
Now we’ve talked about threats. Let’s take a look at the solutions. Here are 10 ways you can keep your personal information safe.
1) Use an end-to-end encrypted platform: for personal communication Prioritize platforms that offer end-to-end encryption. This ensures that only you and the intended recipient can access your messages or calls. Prevents unauthorized access by hackers or other third parties.
“Anyone can take control of their data and protect themselves from security threats by using applications with end-to-end encryption, whether you’re sending emails. Send messages and files or video chat The only way to truly guarantee your data is Security from bad actors is encryption while traveling,” Ackerly said. “Choose apps or tools that are easy to use so you can actually use them.”
for sending messages Try using an app like Signal or WhatsApp– for email services Look for a service that offers end-to-end encryption that is easy to use. These platforms ensure that your private communications remain safe from unauthorized access. See my reviews of the best secure and private email services here.–
2) Keep your device’s operating system updated: Make sure that your mobile phone and other devices Your device automatically receives timely OS updates. These updates often contain critical security patches that protect against new vulnerabilities. that hackers take advantage of For reference Please see my instructions on How to keep all your devices up to date–
3) Enable Two-Factor Authentication (2FA): Set up anti-phishing protection 2FA in email accounts, social media and your collaboration tools This adds another layer of protection. It requires more than just your password to access your account. This makes it harder for cybercriminals to steal your information.
4) Use strong antivirus software: Be wary of phishing techniques and don’t be suspicious of suspicious links, emails, or phone calls asking for personal information. Cybercriminals often use these methods to gain access to your sensitive information.
The best way to protect yourself from malicious links is to install antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware scams. To keep your personal information and digital assets safe Pick the winner of 2024’s best antivirus protection for your Windows, Mac, Android, and iOS devices.–
5) Encrypt sensitive data: Encrypt data on USB drives, SIM cards, and laptops to protect your data if your device is lost or stolen. Also, be sure to password protect your important files or folders by following these steps: These steps–
6) Use strong password practices: Use a complex, unique password for each account. and consider using Password manager–
7) Back up your data regularly: Backing up your data helps prevent data loss from ransomware or device failure. You will want to backup your data. Mobile devices– mac and window computer
8) Be careful using public Wi-Fi: use VPN (Virtual Private Network) When connected to Public Wi-Fi network to encrypt your internet traffic This makes it harder for hackers and third parties to intercept your data, especially on public Wi-Fi. VPNs mask your IP address, helping to mask your location and online activity. Although VPNs don’t directly protect against phishing emails, But it also reduces exposure of your browsing behavior to trackers that might use this information maliciously. With a VPN, you can securely access your email account from anywhere. Even in areas with strict internet policies For the best VPN software, check out our expert reviews of the best VPNs for private browsing on your device. Windows, Mac, Android, and iOS devices–
9) Invest in personal data deletion services: Consider a service that scrubs your personal information from public databases. This reduces the chance of your data being used in phishing or other cyberattacks. after the violation Check out my top picks for data deletion services here.–
10) Use identity theft protection: The Identity Theft Protection Service monitors your account for unusual activity. Alerts you to potential threats. They can also help with troubleshooting if your data is compromised. Check out my top tips and options on how to protect yourself from identity theft.
Kurt’s Essentials
It cannot be denied that the United States It is facing serious cyberattacks that are putting millions of people at risk. What’s even more worrying is that hackers continue to exploit telecom operators. Even though the problem has been made public. Affected governments and companies must prioritize addressing this threat and fixing the back doors used by cybercriminals. We are witnessing one of the largest intelligence compromises in United States history.
Do you believe current laws regarding encryption and lawful access are enough to protect your privacy? Why not? Let us know by writing to us at Cyberguy.com/Contact–
Want more tech tips and security alerts? Please subscribe to my free CyberGuy Report newsletter by visiting Cyberguy.com/Newsletter–
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most frequently asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com All rights reserved.
[ad_2]
Source link
