The senators also cited evidence in their letter that US Telecom has worked with third-party cybersecurity firms to conduct audits of its systems related to telecom protocols. SS7 But it has refused to make the results of these assessments available to the Defense Department. “DoD has asked the carriers for copies of their third-party audit results and informed them that they are considered attorney-client privileged information,” the department wrote in response to questions from Wyden’s office. .”
The Pentagon contracts with major US carriers for much of its telecommunications infrastructure, which means it inherits potential corporate security vulnerabilities they have but also legacy vulnerabilities at the core of their telephony networks.
AT&T and Verizon did not respond to multiple requests for comment from WIRED. T-Mobile was also allegedly breached in the Salt Typhoon campaign, but the company said that Blog post It has seen no signs of compromise in the past week. T-Mobile has contracts with the Army, Air Force, Special Operations Command, and several other divisions of the DOD. And in June, it announced A 10-year, $2.67 billion contract with the Navy that will “give all Department of Defense agencies the ability to order wireless services and equipment from T-Mobile for the next 10 years.”
In an interview with Wired, T-Mobile Chief Security Officer Jeff Simon said the company recently reported an attempted hacking of its routing infrastructure by an unnamed wireline partner that was compromised. T-Mobile isn’t certain the “bad actor” was the Salt Typhoon, but whatever it was, Simon says the company quickly stopped the intrusion attempts.
“You can’t reach all of our systems from our edge routing infrastructure—they’re there to some extent and then you need to try to move between that environment and another to get more access,” says Simon. Simon says. “So they need to do things that are noisy and that’s where we were able to discover them. We have invested heavily in our monitoring capabilities. Not that they’re perfect, they never will be, but when someone makes noise in our environment, we like to think we’re going to catch them.
Amidst the chaos of Typhoon Salt, T-Mobile’s claim that it was not in breach in this situation is worth noting. Simon says the company is still cooperating with law enforcement and the telecommunications industry more broadly as the situation unfolds. But it’s no coincidence that T-Mobile has Invested so heavily in cyber security. The company suffered losses decade repeatedly, huge The breaches, which exposed a lot of customer data. Simon says that since he joined the company in May 2023, it has undergone a significant security transformation. As an example, the company implemented mandatory two-factor authentication with physical security keys for all people interacting with T-Mobile systems, including all contractors other than employees. Such measures have greatly reduced the risk of threats such as phishing, he says. And other improvements in device population management and network detection have helped the company feel confident in its ability to defend itself.
“The day we made the transition, we cut off a lot of people’s access, because they hadn’t received their ubikeys yet. There was a line out the door at our headquarters,” Simon says. “Every life form that accesses T-Mobile systems has to get a YubiKey from us.”
Still, the fact remains that America’s telecommunications infrastructure has fundamental weaknesses. Although T-Mobile successfully thwarted the latest infiltration attempts by Salt Typhoon, the spying campaign is a dramatic example of long-standing insecurity throughout the industry.
The senators wrote, “We urge you to consider whether DOD should decline to renew these contracts, and instead renegotiate with the contracted wireless carriers, to allow them to monitor need to adopt effective cyber defenses against threats from
Additional reporting by Dale Cameron.
