Massive US security breach highlights danger of weakening encryption
Posted: Sat Dec 21, 2024 5:04 am
A “potentially catastrophic” cyberattack(new window)against United States broadband infrastructure has likely given the Chinese government access to swathes of highly sensitive security information, including from systems the federal government uses for court-authorized network surveillance requests.
As terrible as this news is for US cambodia phone number data national security, it also highlights the problem inherent with all surveillance systems that give governments “backdoor” access to critical data. These systems can be compromised, notably by state-sponsored foreign actors.
This is a lesson the EU would be wise to take to heart. As Hungary is currently assuming the rotating Presidency of the Council of the EU, Hungarian Prime Minister and close friend to Russia(new window)and China(new window), Victor Orban, you have been pushing hard(new window)to make EU countries agree on a common position regarding the highly controversial(new window)“chat control” legislation.
Crucially Hungary, similar to Belgium before it, wants to push for an extremely intrusive and dangerous approach that could ultimately force end-to-end encrypted(new window)(E2EE) services to create a backdoor for law enforcement. The European Parliament, on the other hand, went in a totally different direction, arguing that the legislation shouldn't weaken end-to-end encryption(new window).
What happened in the US?
In an attack that may have lasted “months or longer,” the Chinese hacking group “Salt Typhoon” compromised the networks of key US internet providers, including AT&T, Verizon, and Lumen. Salt Typhoon accessed the federal government-mandated surveillance systems that allow internet providers to intercept domestic electronic information related to criminal and national security investigations. It's unclear if systems for monitoring foreign intelligence were also compromised.
Authorities investigating the incident are looking into whether Salt Typhoon gained access to US internet infrastructure through Cisco Systems routers(new window), which are responsible for routing a large percentage of all internet traffic. However, no such link has been confirmed, and while Cisco is investigating the matter, they claim to have found no indication their routers are involved.
As terrible as this news is for US cambodia phone number data national security, it also highlights the problem inherent with all surveillance systems that give governments “backdoor” access to critical data. These systems can be compromised, notably by state-sponsored foreign actors.
This is a lesson the EU would be wise to take to heart. As Hungary is currently assuming the rotating Presidency of the Council of the EU, Hungarian Prime Minister and close friend to Russia(new window)and China(new window), Victor Orban, you have been pushing hard(new window)to make EU countries agree on a common position regarding the highly controversial(new window)“chat control” legislation.
Crucially Hungary, similar to Belgium before it, wants to push for an extremely intrusive and dangerous approach that could ultimately force end-to-end encrypted(new window)(E2EE) services to create a backdoor for law enforcement. The European Parliament, on the other hand, went in a totally different direction, arguing that the legislation shouldn't weaken end-to-end encryption(new window).
What happened in the US?
In an attack that may have lasted “months or longer,” the Chinese hacking group “Salt Typhoon” compromised the networks of key US internet providers, including AT&T, Verizon, and Lumen. Salt Typhoon accessed the federal government-mandated surveillance systems that allow internet providers to intercept domestic electronic information related to criminal and national security investigations. It's unclear if systems for monitoring foreign intelligence were also compromised.
Authorities investigating the incident are looking into whether Salt Typhoon gained access to US internet infrastructure through Cisco Systems routers(new window), which are responsible for routing a large percentage of all internet traffic. However, no such link has been confirmed, and while Cisco is investigating the matter, they claim to have found no indication their routers are involved.