A huge hack of U.S. phone companies means your text messages may not be safe
At least eight U.S. telecom firms and dozens of countries have been impacted this week by what a top White House official called a Chinese hacking campaign that has also raised concerns about the security of text messaging.
At a media briefing Wednesday, U.S. Deputy National Security Adviser Anne Neuberger shared details about the breadth of a sprawling hacking campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.
A group of hackers known as Salt Typhoon are being blamed for the attack targeting companies, which reportedly included AT&T, Verizon and Lumen Technologies. White House officials cautioned the number of telecommunication firms and countries impacted could still grow.
Canadian cybersecurity experts paying close attention to this latest breach say some industry practices and government regulations that allow intelligence organizations access to the telecommunications system are part of the problem. These experts and U.S. law enforcement officials are recommending that people take action to protect their text messages.
“The attack that is unfolding in the United States is a reflection of historical and continuing vulnerabilities in telecommunication networks around the world, and some of those vulnerabilities are made worse by government,” said Kate Robertson, a lawyer and senior researcher at the University of Toronto’s Citizen Lab, which studies digital threats to civil society.
Though the hack apparently focused on American politicians and government officials, experts say regular SMS text messages, the kind most wireless carriers offer, aren’t very secure because they’re unencrypted.
“We are constantly bombarded with concerns about phishing and email scams and malicious links,” said security consultant Andrew Kirsch, a former intelligence officer with the Canadian Security Intelligence Service (CSIS).
“This shines a light on the fact that the other vulnerability is through our telecommunications, phone calls and text messages.”
Impact on Canadian companies still unknown
CBC News has reached out to the RCMP, the Canadian Centre for Cyber Security and CSIS to ask if any of the cyberattacks compromised Canadian users or communications companies, but has yet to receive a response.
Earlier this week the Canadian Centre for Cyber Security issued a joint release with the U.S., Australia and New Zealand with security advice for companies like cellphone providers on “enhanced visibility and hardening for communications infrastructure.”
CBC News also contacted Canada’s largest cellphone providers — Bell, Rogers and Telus — to ask if their networks had been targeted and breached in the same attack. Rogers and Telus did not respond before publication.
Bell said it was aware of “a highly sophisticated” attack in the U.S. and was working with government partners and other telecommunications companies “to identify any potentially related security incidents across our networks.”
The telecommunications company says it hasn’t seen any evidence of an attack, but continues “to investigate and maintain vigilance.”
How these attacks happen
Robertson explained these attacks are made possible in part because governments have “prioritized the objective of surveillance over the security of the entire network of users.”
She says security researchers have been warning for a long time the legal “back doors” that governments use to monitor crime and espionage over land lines and cellphones can also be “exploited by unwelcome actors,” leaving entire networks of users exposed.
Her colleague at Citizen Lab, Gary Miller, specializes in threats to mobile networks and says the interconnections between different companies and countries in terms of communications networks is another weakness.
For example, he said placing an international telephone call from point A to point B requires an interconnection between network operators, as does international roaming with mobile phones.
“And the fact that there is a requirement to open up … these networks in order to ensure a seamless experience for the user really results in specific vulnerabilities.”
He says as the networks get faster and more reliable, they have also become more secure, but he notes that the security standards for the telecommunications industry required by law aren’t strong enough.
“There’s no accountability, you know, for these types of security and incidents,” he said. “And that’s really what needs to happen.”
Concerns about safety of texts
As a result of this hack, concerns about the security of text messages have emerged.
The FBI has said those with Android and Apple devices can continue to send texts to users who have the same devices because they have internally secure messaging systems.
However, the bureau warned against Apple users sending messages to Android users or vice versa, and instead encouraged users to send text messages through a third-party app that provides end-to-end encryption.
Robertson and Miller recommend that people install these messaging apps — like Signal or Whatsapp — on their phones and use them all the time.
Robertson says that Signal gives users access to “a gold standard form of encryption” that is very user friendly, and noted that “very similar things can be said about WhatsApp.”
Miller says he prefers Signal because it’s a non-profit, while WhatsApp is owned by Meta.
Kirsh says if people are using regular text messaging, he recommends they never write any message that they wouldn’t “put on a postcard and physically mail” because “once you put that information out in the world, you’ve lost control of it.”
A political goal and China’s power
In November, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint statement confirming the existence of a “a broad and significant cyber espionage campaign,” targeting the U.S.
Stephanie Carvin, an associate professor at Carleton University and a former national security analyst, says the hack demonstrates just how large and well funded Chinese espionage operations directed at the West are.
“When you hear about an attack like this there’s not one goal here,” Carvin told CBC News. “With this data, [China] can do a lot of very specific things in terms of targeting, but [it] can also develop general patterns that can help operations down the road.”
According to Neuberger, the deputy national security adviser, the Salt Typhoon hackers were able to gain access to communications of senior U.S. government officials, but during a call with reporters, she said she didn’t believe any classified communications had been compromised.
Neuberger said impacted companies are all responding, but haven’t yet blocked the hackers from accessing the networks.
“So there is a risk of ongoing compromises to communications until U.S. companies address the cybersecurity gaps,” she said.
A spokesperson with the Chinese Embassy in Washington denied the country was behind the hacking campaign.
“The U.S. needs to stop its own cyberattacks against other countries and refrain from using cybersecurity to smear and slander China,” said Liu Pengyu.
Published at Sat, 07 Dec 2024 09:00:15 +0000
In Syria, a ruthless dictator is under siege. Will anyone step up to save him?
Across northern and central Syria this week, families who’ve been torn apart by more than a decade of civil war have been holding joyous reunions.
“I didn’t believe it, it was very emotional,” said Ismail Alabullah, a volunteer with the Syrian NGO the White Helmets, as he described returning to the city of Aleppo for the first time since 2013 and reuniting with his sister.
“I couldn’t believe I was seeing her again,” he told CBC News from northern Syria. “I lost my brother, my mother and father over the past two years — I couldn’t say goodbye to any of them. Now, it’s just me and my sister.”
The White Helmets, a first responders’ group best-known for rescuing and evacuating civilians from active war zones, are considered arch enemies of the regime of President Bashar al-Assad.
Since 2016, Assad’s forces have controlled Aleppo. But with his army now retreating from territory where just days ago it seemed to be firmly in charge, families stranded on opposite sides of the front lines are able to be together again.
Dynamic situation
After years of stalemate, Syria’s map of control is being redrawn almost by the hour.
First, Aleppo — a city of more than 2.3 million people and the second-largest in the country — fell to opposition forces on Nov. 27. In the days that followed, so did many towns to the south.
On Thursday, Assad’s forces abandoned the strategic centre of Hama when rebel forces pushed in.
Most observers expect an assault on a key Assad power base — the city of Homs, 40 kilometres to the south of Hama — is only hours away.
If opposition forces are successful, the move would cut off Assad’s strongholds along the Syrian coast from the capital, Damascus.
“It’s clear that the regime itself cannot defend these territories,” said Haid Haid, a Syria analyst with Chatham House, a London-based think-tank.
Damaged army vehicles rested on roadsides in Hama, Syria, on Friday after Hayat Tahrir Al-Sham rebels captured the city.
This conclusion leads to inevitable speculation over whether Assad’s government may be hurtling faster than almost anyone expected toward its demise, after surviving years of intense fighting in a civil war.
“No one can give any absolute answers,” Haid told CBC News from Istanbul. “I think it’s safe to say that Assad is not 100 per cent secure, but no one knows when and if the regime will collapse completely.”
Political dynasty
Assad and his family have ruled Syria with an iron fist for more than 50 years. Since he took over as president in 2000 after his father’s death, the UN says Assad’s forces have killed more than 350,000 opponents, jailed and tortured countless thousands more and used banned nerve gas on opposition towns to deter any challengers to his rule.
In 2011, Syria was rocked by anti-Assad protests, inspired by anti-regime demonstrations across the wider region, known as the Arab Spring.
Assad responded with a violent crackdown that evolved into a full-scale civil war. By 2015, opposition groups — and forces of the Islamic State (IS) — had seized vast swaths of the country. But intervention from Russia turned the tide.
A devastating aerial bombing campaign by Vladimir Putin’s forces secured Assad’s position, but at a horrendous cost. Humanitarian groups accused Russia and Syria of war crimes for indiscriminately bombing civilians using cluster munitions.
After a concerted effort led by the Kurdish Syrian Democratic Forces in the east — and with help from Russia — IS was eventually pushed back into a few pockets in the desert.
Since 2016, the battle lines of the conflict have remained largely in stasis, with Assad’s Syrian Arab Army (SAA) in control of most of the country’s major cities.
Major successes
In Idlib province, next to Turkey, forces belonging to a one-time al-Qaeda spinoff, Hayat Tahrir al-Sham (HTS), have controlled most of the territory. And the group has spearheaded most of the battlefield successes over the past 10 days.
Hayat Tahrir al-Sham has been listed as a terrorist entity by Canada since 2013. But more recently, its 42-year-old leader, Abu Muhammed al-Jolani, has disavowed any connection with the group or its radical ideology.
In a social media post on Thursday, HTS unusually referred to him by his given name — Ahmad al-Shara — rather than al-Jolani, which he uses in military settings. This appeared to showcase him as a statesman or politician rather than the leader of a banned militia.
Al-Jolani also gave a rare interview to a Western media outlet, telling CNN his goal is to overthrow Assad’s regime and replace it with a new government for all Syrians.
The Institute for the Study of War, a U.S.-based think-tank that studies global conflict zones, noted that a major reason HTS has gained territory so rapidly has been its willingness to negotiate deals with local communities to avoid fighting.
ISW said two majority-Christian towns and one largely Shia city had all come to agreements with HTS, allowing the group’s fighters to avoid costly combat in rural areas.
Longtime Syria watcher Charles Lister, who publishes a weekly newsletter on the Syrian conflict, has written that HTS has built a formidable diplomatic presence beyond its base in Idlib province, by engaging with local Syrian tribes and other social bodies to improve the group’s outreach.
Lister says as a result, there have been few clashes with other Syrian opposition groups — particularly the powerful Kurds — as HTS’s forces have moved rapidly through the countryside.
Finally, Lister says al-Jolani has attempted to “replicate a sovereign government” in Idlib province, with HTS issuing ID cards, administering the banking system and taking on many of the functions usually performed by municipalities.
Nonetheless, HTS’s listing as a terror entity has put NGOs and Western governments in a challenging position, with most unwilling to directly help the group, resulting in a worsening humanitarian situation in places such as Aleppo.
Ismail Alabduallah, the White Helmet worker, told CBC News the city is already seeing food shortages.
“The situation is very difficult. Some NGOs we co-ordinate with have this responsibility, and now no one is distributing bread every day in Aleppo,” he said. “They are working to make the bakeries operate again as before.”
Foreign actors
With the city of Homs, another key power base for Assad, just a half-hour drive away from advancing HTS forces, the key question is whether any of the regime’s allies will intervene militarily to stop the latest opposition push.
The Iranian government has reportedly ordered some of the militias it controls in neighbouring Iraq to cross the border to help its ally Assad. But their presence on the battlefield has yet to be felt.
Hezbollah chief Naim Qassem said Thursday that his group will help Assad, and there reports that what the group calls “supervising forces” arrived in Syria overnight.
Until recently, Iran-backed Hezbollah was arguably the most powerful militia in the Middle East. But Israeli assassinations of its top leadership and an immense aerial campaign against its fighters in southern Lebanon have severely weakened the group.
One neighbour Assad won’t be able to count on is Turkey. Its government has been a major supplier of weapons and money to several opposition groups, and on Friday, President Recep Tayyip Erdogan said he hopes the Syrian opposition forces continue to make gains.
That leaves Vladimir Putin, who most observers credit with saving Assad the last time opposition forces encroached in 2016.
“It’s not clear where Moscow is heading or what its main priority is at this point,” said Chatham House’s Haid Haid.
Russian bombing of the Aleppo area and of the key approaches to Homs has resumed in recent days, but with Putin’s war in Ukraine a drain on its combat resources, Russia’s options for intervention may be limited.
Russia has leased a naval base in the Syrian city of Tartus since the 1970s. It also has a sizeable airbase outside Latakia, further to the north.
Both could be vulnerable to opposition forces if Assad’s lines continue to collapse.
Haid Haid says even if Assad manages to fend off the opposition advances, Russia has already emerged as one of major losers of renewed fighting.
“Russia’s past victories have been forgotten now because of the recent defeat of regime forces,” he said. “It means Russia has not been able to support its allies.”
Published at Tue, 03 Dec 2024 01:04:24 +0000
