US urges use of encrypted messaging apps following Salt Typhoon hack
U.S. officials are urging Americans to use encrypted messaging apps in order to prevent their correspondence from falling into the hands of hackers.
NBC News reported the release of the new guidance on Tuesday. A senior FBI official and Jeff Greene, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, issued the recommendation on Tuesday during a press briefing.
The guidance follows the discovery of a large-scale cyberattack campaign against U.S. telecommunications companies. Salt Typhoon, a Chinese state-backed hacking group, has compromised the networks of AT&T Inc., Verizon Communications Inc. and Lumen Technologies Inc.. T-Mobile US Inc. said that the hackers didn't access its infrastructure, but did compromise a connection which linked its systems to a different provider's network.
Greene detailed during the press briefing that officials have not yet mapped out the full scope of the breach. Furthermore, it's believed that the hackers still have access to some compromised systems.
"Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication," Greene said. "Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible."
Many encrypted communications apps protect user correspondence with so-called E2EE, or end-to-end-encryption. Usually, messages are scrambled in a way that theoretically allows a communication app's developer to read their contents. E2EEE scrambles messages before they leave the user's device, which means not even the app developer can access it.
The technology also keeps messages secure when the network over which they are sent is compromised by hackers. Because correspondence enters the network in an encrypted form, it can be intercepted but not read.
Salt Typhoon reportedly accessed three types of data during its hacking campaign against U.S. carriers.
First, the hackers eavesdropped on phone calls made by a "small number of political or government-linked individuals." They also collected metadata about individuals in the Washington, D.C. area such as which numbers they dialed and when. Lastly, it's believed Salt Typhoon compromised systems that carriers use to process court orders from law enforcement agencies.
Besides recommending the use of encrypted messaging apps, officials also issued other cybersecurity guidance on Tuesday. Consumers are advised to implement multifactor authentication and use handsets that automatically receive timely operating system updates. Separately, a group of government agencies issued a guide on how carriers can improve their cybersecurity.