NEW DELHI: A massive cyber operation by China may have stolen data from nearly every American, including President Donald Trump and Vice President JD Vance, The New York Times reported. The campaign, code-named Salt Typhoon, has been described by US officials as Beijing’s most ambitious hacking attempt yet, infiltrating global telecom networks and targeting more than 80 countries.
The breadth of the breach, revealed in a joint statement last week by Western allies and reported by The New York Times, has underscored how China’s capabilities now rival those of the US and its partners.
For years, China has been accused of hacking American infrastructure and stealing intellectual property, including sensitive chip designs and corporate trade secrets. But Salt Typhoon has surpassed earlier intrusions in both scope and sophistication.
Investigators said the attack was a years-long, coordinated assault that compromised major telecom companies, allowing Chinese intelligence services to exploit global communication networks. Officials said this capability could enable Beijing to track politicians, dissidents, activists, and intelligence officers worldwide.
“I can’t imagine any American was spared given the breadth of the campaign,” said Cynthia Kaiser, a former top FBI cyber division official who oversaw earlier probes into Chinese hacking.
British and American officials have described the campaign as “unrestrained” and “indiscriminate.” According to NYT, Canada, Finland, Germany, Italy, Japan and Spain joined the US and UK in a rare collective statement condemning China.
The Chinese embassy in London did not respond to requests for comment. In Washington, a spokesperson for Beijing has previously dismissed such allegations as “smear attacks without any factual basis.”
Trump, Vance, and Democrats among targets
Among the most startling revelations: hackers gained access to phones used by Donald Trump and J.D. Vance during last year’s presidential campaign. Democratic politicians and campaign staff were also targeted.
The attackers infiltrated at least eight US telecommunications companies, including AT&T, Verizon and Lumen Technologies, NBC News reported, citing officials. Senator Mark Warner, the top Democrat on the Senate Intelligence Committee, confirmed the hackers were able to intercept phone calls and read unencrypted text messages.
Anne Neuberger, the deputy national security adviser for cyber and emerging technology, said the hackers accessed “a large number of Americans’ phone data” in what amounted to one of the largest known breaches of US personal information.
While officials have not confirmed whether every citizen’s data was swept up, the scale of intrusion prompted warnings of “ongoing compromises” until telecom companies plug cybersecurity gaps. “The Chinese are likely to maintain their access,” Neuberger said.
Salt Typhoon and Volt Typhoon: A dual threat
Salt Typhoon is not the only operation attributed to Beijing. According to Bloomberg, US intelligence has separately tracked Volt Typhoon, a parallel campaign aimed at physical infrastructure.
Volt Typhoon has targeted operational technology systems in Guam, a strategically vital US territory, infiltrating networks tied to power, water, ports and military bases. Officials say the hackers sought the ability to disrupt US defenses in the event of a conflict over Taiwan.
Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), warned Congress that the goal of Volt Typhoon was to disable critical infrastructure and trigger “societal panic.” By contrast, Salt Typhoon focused primarily on IT systems and personal data.
Together, the campaigns illustrate Beijing’s two-pronged strategy: gathering data for surveillance while also preparing the ability to paralyze infrastructure in wartime.
FBI and DOJ escalate legal pressure
The revelations about Salt Typhoon came shortly after US prosecutors unsealed charges against seven Chinese nationals tied to APT31, another state-backed hacking group. According to US archives, the defendants spent 14 years targeting critics of Beijing, US officials, and major corporations.
Attorney General Merrick Garland said: “The Justice Department will not tolerate efforts by the Chinese government to intimidate Americans who serve the public, silence dissidents who are protected by American laws, or steal from American businesses.”
The indictment alleged that the hackers sent more than 10,000 malicious emails designed to compromise networks of politicians, journalists, and academics worldwide. FBI Director Christopher Wray said the case showed the “brash efforts” by Beijing to undermine US cybersecurity.
The Justice Department stressed that the operations were part of China’s Ministry of State Security’s broader campaign of repression, espionage and theft.
Fallout for ordinary Americans
For ordinary citizens, the breach raises questions about how much personal data may have been compromised. The FBI has begun notifying some victims but admitted it will not inform everyone whose call records were accessed.
Officials told NBC News that hackers were especially interested in phone data linked to the Washington D.C. area, suggesting a focus on political and government figures. However, the sheer scale means that millions of ordinary call logs were likely swept up in the process.
Kaiser, the former FBI cyber official, noted that previous Chinese campaigns typically focused on narrower targets such as researchers or officials working on sensitive issues. Salt Typhoon’s indiscriminate approach marks a new and more alarming phase.
Why telecom networks are the weak link
Telecommunications companies were at the heart of the Salt Typhoon breach. Hackers penetrated systems that carry not just commercial traffic but also communications tapped by law enforcement with court orders, according to NBC News.
Cybersecurity experts warn that telecom networks are notoriously difficult to secure. Once inside, hackers can linger for years, sometimes “living off the land” by using legitimate network tools rather than deploying obvious malware.
Neuberger said US officials do not believe the telecoms have fully expelled the intruders, making future compromises highly likely. The White House and allied governments have since released public guides to help companies strengthen defenses.
Guam: America’s cyber frontline
The vulnerabilities extend far beyond telecom. On Guam, the only civilian power utility, Guam Power Authority (GPA), became a flashpoint in 2022 when federal agents approached cybersecurity chief Melvyn Kwek with concerns.
As Bloomberg reported, US officials feared Chinese hackers had infiltrated civilian systems that the military also relies upon. Guam is a hub for US naval operations in the Pacific and would be central in any conflict with China over Taiwan.
The discovery of Volt Typhoon in Guam rattled officials. Paul Nakasone, former NSA chief, said using cyberattacks to disable critical civilian infrastructure “would amount to a deliberate assault on the general population.”
China’s denials and global reaction
Beijing has consistently denied involvement. In an emailed statement to US media, Liu Pengyu, spokesperson at the Chinese embassy in Washington, said: “China firmly opposes the US’s smear attacks against China without any factual basis. China consistently opposes and combats all forms of cyberattacks.”
Despite the denials, Western allies have stepped up a coordinated “name and shame” campaign. The UK’s National Cyber Security Centre, the FBI, and the US State Department have all issued statements attributing the operations to groups tied to China’s Ministry of State Security.
The US has also imposed sanctions on individuals linked to APT31 and offered rewards of up to $10 million for information.
Billions in economic losses
Beyond espionage, US officials estimate that China’s state-backed hacking has cost the American economy billions of dollars annually. Stolen trade secrets, compromised defense contracts, and intercepted technology transfers have long given Beijing a competitive edge.
The indictment against APT31 outlined how hackers targeted dozens of US industries including defense, finance, and information technology. Companies providing 5G equipment and aerospace research were among those compromised.
Lisa Monaco, the Deputy Attorney General, said: “This prolific global hacking operation backed by the PRC government targeted journalists, political officials, and companies to repress critics of the Chinese regime, compromise government institutions, and steal trade secrets.”
Implications for global politics
The Salt Typhoon revelations come at a time of rising US-China tensions. Washington has accused Beijing of preparing to interfere in the 2024 US elections, while Chinese officials bristle at what they call “Cold War thinking.”
For security analysts, the scale of the breach signals that cyber espionage has become a central front in geopolitical competition. “This could mark a new era of Chinese cyber capabilities that will test its strategic rivals,” experts told NYT.
The campaign also highlights the difficulty of defending against state-sponsored intrusions. Unlike isolated cybercriminals, groups like Salt Typhoon have government resources and the patience to wait years before exploiting compromised networks.
The US government has pledged to bolster network security and work with allies to counter Beijing’s cyber campaigns. But officials concede the task is daunting.
Jonathan Chargualaf, a former Guam Power Authority administrator now with the Coast Guard, told Bloomberg that removing Volt Typhoon from Guam networks could take years. “It’s going to be an ongoing fight,” he said.
Meanwhile, the FBI is continuing to notify targeted individuals and campaigns. Both the Harris and Trump campaign teams confirmed to NBC News that they had been compromised, as had the office of Senate Majority Leader Chuck Schumer.
For many Americans, however, the extent of personal data loss may never be fully known. The Salt Typhoon breach, experts warn, is likely to be studied for years as one of the most consequential espionage campaigns in modern history.