US adds 9th telecom company to list of known Salt Typhoon targets

Nine U.S. telecommunications firms have been breached in a sweeping Chinese espionage campaign, a top White House official said on Friday, as the U.S. preps policy responses to the intrusion.

The comments from Anne Neuberger, deputy national security adviser for cyber and emerging technology, expand the list of eight previously known victims of the campaign, known as Salt Typhoon. 

The additional company was uncovered after the federal government issued guidance to telecoms that detailed the Chinese techniques and how to spot them on their networks, Neuberger told reporters.

“From that, yes, a ninth company was identified,” she said. The White House has not identified the company.

The Chinese government has denied responsibility for the hack, which swept up the  unclassified communications from the phones of senior U.S. government officials — as well as President-elect Donald Trump and Vice President-elect JD Vance — and the metadata of a still-unknown number of Americans.

The ongoing incident has provoked bipartisan alarm on Capitol Hill and vows of retribution from incoming Trump administration officials.

“We need to start going on offense,” Rep. Mike Waltz (R-FL), who Trump has selected to be his national security adviser, said in an interview with Fox News this week.

Neuberger highlighted a number of steps the administration is undertaking to begin to tackle the breach. She placed particular emphasis on a proposed rule that the Federal Communications Commission will vote on next month that would mandate telecom providers to set and submit annually their cybersecurity practices or face potential fines.

She noted one of the recommendations the administration hopes the agency includes is for firms to segment their networks, “so even if an attacker like the Chinese government gets access to a network, they're controlled and they're contained.”

Neuberger explained that, in one telecom company’s case, a single administrator account had access to over 100,000 routers, so when the Chinese compromised the account, they gained broad access across the entire network.

She cautioned that the full scope of the breach may never be known, as the hackers took steps to erase their tracks and companies failed to keep adequate logs.

While the FCC’s five commissioners are divided along party lines on many issues, its members must “vote to implement the required minimum cyber security practices across telecoms because once those are in place, once companies are taking those steps to make their networks defensible, we would feel more confident to say that the Chinese actors have been evicted and can continue to not be able to come in,” Neuberger urged.

In addition, she said, the General Services Administration is scouring government contracts to “ensure that we're using the power of government procurement to also require high impact cybersecurity practices.”

Neuberger also noted the Commerce Department is pushing ahead with a ban on China Telecom, though a final decision on it will have to wait until Trump takes office.

“There are further actions we're working related to actions like that in that space as well that will be coming out over the next month and over the next coming months,” she said.