Apple, Android users on notice from FBI, CISA about texts amid 'massive espionage campaign'

Hackers could be after your text messages. Especially vulnerable: texts between Android and Apple devices.

Three weeks ago the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) revealed that hackers connected with the People's Republic of China had infiltrated the U.S. telecom infrastructure as part of "a broad and significant cyber espionage campaign."

Those targeted were "a limited number of individuals who are primarily involved in government or political activity," the agencies said at the time. Stolen were customer call records data and "certain information that was subject to U.S. law enforcement requests pursuant to court orders," the agencies said.

However, the hackers are apparently still at work and cybersecurity officials said this week they haven't been able to evict them from the networks of some telecom and internet firms.

On top of that, officials with those agencies are making a special point to remind smartphone users that text messages between Android devices and Apple devices are especially vulnerable, as they are not encrypted.

Holiday deals:Shop this season’s top products and sales curated by our editors.

"Encryption is your friend, whether it is on text messaging or if you have the capacity to use encrypted voice communications, even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible, if not really hard, for them to detect it. So, our advice is to try to avoid using plain text," said Jeff Greene, CISA executive assistant director for cybersecurity, during a press briefing held Tuesday.

What's your password?:Here are the most common, many hackable in under 1 second

Hackers have been able to steal a large amount of records including information on where, when and with whom people were communicating with, but no audio or actual text messages, a senior FBI official said during the briefing. However, some in the Washington, D.C. area did have audio and texts captured by the hackers, the official said.

Hackers still have access to the networks, officials said. And, Greene said, "We don't have any illusion that, once we're successful in evicting these actors, that they are not going to come back."

Text messages: What to know about security

In addition to seeking help from private companies to assess the reach of the attacks, officials suggested that people concerned about the security of their messaging should use encrypted messaging systems – think WhatsApp and Signal.

That's because if you are like most of us, some of our texting pals have Apple devices and some have Android devices. Messages sent between two Apple gadgets are encrypted, as are messages sent between users of Google Messages. But those between Android and Apple devices are not.

Federal Communications Commission Chair Jessica Rosenworcel on Thursday proposed agency action to ensure telecommunication companies be required to secure their networks.

"As technology continues to advance, so does the capabilities of adversaries, which means the U.S. must adapt and reinforce our defenses," said Rosenworcel in a press release.

Chinese hacking attack 'absolutely mind-boggling'

The Director of National Intelligence Avril Haines, the National Security Council, Rosenworcel, the FBI and CISA held a closed-door briefing for the U.S. Senate on Wednesday. Senators were updated on the long-running investigation into PRC-connected "threat actors" including a hacking group known as Salt Typhoon, which has infiltrated several telecom and internet firms including "at least" eight telecom firms in the U.S., including AT&T, Verizon and T-Mobile.

"The extent and depth and breadth of Chinese hacking is absolutely mind-boggling – that we would permit as much as has happened in just the last year is terrifying," said Sen. Richard Blumenthal.

"This was part of a massive espionage campaign that has affected dozens of countries," the FCC said in a fact sheet.

Incoming FCC Chair Brendan Carr said Wednesday he will work "with national security agencies through the transition and next year in an effort to root out the threat and secure our networks."

Rosenworcel, a Democrat named as FCC chair by President Joe Biden, has announced she will leave the agency next month.

US companies respond to hacking attack

Among the companies infiltrated, Verizon said "several weeks ago, we became aware that a highly sophisticated, nation-state actor accessed several of the nation’s telecom company networks, including Verizon" adding the incident was focused on a very small subset of individuals in government and politics.

AT&T said it is "working in close coordination with federal law enforcement, industry peers and cyber security experts to identify and remediate any impact on our networks."

T-Mobile and Lumen (formerly known as CenturyLink) both said there was no evidence hackers got access to customer data.

Chinese officials have previously described the allegations as disinformation and said Beijing "firmly opposes and combats cyber attacks and cyber theft in all forms."

Headlines on this story have been updated to reflect that both the FBI and the CISA issued warnings about the ongoing cyber attack.

Contributing: Reuters

Follow Mike Snider on X and Threads: @mikesnider &mikegsnider.

What's everyone talking about?Sign up for our trending newsletter to get the latest news of the day

Disclaimer: The copyright of this article belongs to the original author. Reposting this article is solely for the purpose of information dissemination and does not constitute any investment advice. If there is any infringement, please contact us immediately. We will make corrections or deletions as necessary. Thank you.