Chinese hacking group 'Salt Typhoon,' linked to China's Ministry of State Security, has conducted extensive cyber-espionage operations targeting US telecommunication infrastructure, political figures, and national security officials
The author is a former Director General of Information Systems and a Special Forces veteran, Indian Army.
Cyber-attacks undertaken, and still being undertaken, by China worldwide, including in India, are well known. Government officials in India believe that attacks on Indian government networks, like that of the National Security Council, have originated from China. According to the Indian government, Chinese hackers are experts in operating the botnets used in these attacks. Additionally, a multitude of other Chinese cyberattacks against India's cyberspace have been reported. A glimpse of China's cyber spy-sabotage network was covered in these columns on October 14 this year.
On April 8, 2020, China's state-owned 'China Telecom' advertised erroneous network routes for 18 minutes that instructed "massive volumes" of the US and other foreign Internet traffic to go through Chinese servers. A US Department of Defense (DoD) spokesman told reporters that he did not know if "we've determined whether that particular incident ... was done with some malicious intent or not". China Telecom naturally denied the charge that it "hijacked" the US Internet traffic.
Cyber-attacks originating from China, including on Indian government networks such as the National Security Council, are well-documented, with Chinese hackers adept at using botnets for such operations.
Earlier, there were fears that China would interfere in the US presidential elections scheduled on November 5, 2024, which apparently it did not. But the same day, a report in the Wall Street Journal gave astounding details of how Chinese hackers, using precision strikes, spied on America's senior national security and policy officials, in addition to politicians, by scooping up call logs, unencrypted texts and some audio, piercing America's communications infrastructure for some eight months or more. The targets included JD Vance, running mate of Donald Trump for the presidential race.
The extensive cyber operations are assumed to have been carried out by the Chinese hacking group 'Salt Typhoon', working for China's Ministry of State Security (MSS), which is responsible for the collection of foreign intelligence. The MSS often relies on contractors to carry out hacking missions. The Slovakia-based cybersecurity firm 'ESET' has been referring to the Salt Typhoon hacking group as 'Famous Sparrow', saying it has previously broken into government agencies and hotel networks worldwide, including in France, the UK, Israel, Saudi Arabia, Taiwan and Brazil, among other countries. According to ESET, they were one of more than 10 advanced hacking teams caught exploiting a series of flaws in Microsoft's Exchange email software in 2021.
Salt Typhoon's infiltration of US telecom networks exploited vulnerabilities, even in patched systems, and enabled targeted surveillance of select high-value political and national security figures.
In the instant case, Salt Typhoon burrowed deep into the US telecommunication infrastructure; with each layer of network infrastructure they unlocked, they studied, without detection, how America's communications wiring works, carrying out targeted thefts. At Lumen Technologies, a carrier and government contractor whose network makes up a core piece of the global internet, hackers first stole credentials to give themselves access to parts of the management layer of the company's infrastructure, which helped them quietly collect information about how network routers were configured and perform other reconnaissance. In the attack on US telecom networks, hackers also targeted systems that carriers use to comply with court-authorised surveillance requests. Lumen, which has contracts with the Pentagon and other US agencies, was notified of the intrusion by a company that specialises in threat intelligence.
The hackers also attempted to re-enter patched systems after being ejected from them by exploiting additional powerful vulnerabilities, some of which weren't previously known to cybersecurity analysts. In some cases, hackers continue to stay inside the systems even after their cover was blown, continuing to collect data. The hackers had the ability to access the phone data of virtually any American who is a customer of a compromised carrier – a group that includes AT&T and Verizon – but limited their targets to several dozen select, high-value political and national security figures. The hackers also appeared to have infiltrated communications provided outside the US, including at least one country that closely shares intelligence with the US (Israel?), though it isn't known how extensively.
US intelligence warns that China applies AI to stolen data to build social maps and dossiers on millions of Americans, showcasing an advanced mastery of cyber espionage.
In addition to surveillance on specific Americans, the targeting of court-authorised wiretap systems has prompted fears that Beijing was able to observe ongoing US inquiries into Chinese spies and others. According to cybersecurity researchers, Salt Typhoon attackers have previously compromised some telecommunication infrastructure in Southeast Asia. US intelligence officials have been warning for over a decade that China has amassed an enormous trove of information on Americans in order to identify undercover spies, understand and anticipate decisions by political leaders, and potentially build dossiers on ordinary citizens for future use. US security officials have said they are concerned that China is applying artificial intelligence (AI) to its stolen data to glean additional insights and create elaborate social maps of millions of Americans, and that China's mastery of cyber espionage is dangerously advanced.
The interesting part is that the compromised victims of the hackers included persons affiliated with both the Donald Trump and Kamala Harris campaigns. It has already been mentioned above that the Chinese hackers of Salt Typhoon, using precision strikes, targeted America's senior national security and policy officials, in addition to politicians, plus the numerous contacts with whom they communicated.
India's telecommunication networks, containing Chinese components, may already be compromised, necessitating urgent action to counter China's cyber capabilities and protect national security.
China is known to plan decades in advance. Therefore, since the instant hacker operations were ongoing for more than eight months before the US presidential elections, it would not be surprising if China had already deduced that Donald Trump would win the presidential race, while the Americans were talking of a tight race between the two contestants, the world awaited the outcome, and Allan Lichtman, called America's Nostradamus, predicted a Kamala Harris win.
Beijing would have anticipated Trump unleashing more sanctions against China and additional tariffs on Chinese products in his second presidency, as also speeding up America's decoupling from China. It is, therefore, not surprising that China agreed to thaw relations with India (although on Chinese terms), in order to get full access to India's markets, which Indian businessmen and corporates have been wanting anyway. It is for the same reason that China and Indonesia have recently signed business pacts.
Finally, our policy makers need to seriously examine threats to India's national security in relation to China's cyber capabilities as described above. Our telecommunication network and some other systems having Chinese components already stand compromised. A lackadaisical approach can prove suicidal in critical situations.