FBI Intensifies Pursuit of Chinese Hackers Behind U.S. Telecom Breaches

Washington, D.C. – The FBI is targeting individuals responsible for a series of sophisticated cyberattacks on U.S. telecommunications infrastructure in 2024. The breaches, attributed to Chinese state-sponsored hackers, compromised major telecom providers and raised national security concerns, prompting a robust response from U.S. authorities in 2025.

Last year, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) sounded alarms over a sprawling cyber espionage campaign linked to China, dubbed "Salt Typhoon" by cybersecurity analysts. The operation infiltrated at least eight U.S. telecommunications providers, including industry giants like AT&T, Verizon, and T-Mobile, affecting dozens of countries globally. Hackers accessed metadata from over a million users, including call and text records, and targeted high-profile figures, such as members of the 2024 Trump and Harris presidential campaigns. In some instances, the intruders intercepted audio and text content and even accessed court-authorized wiretapping systems, raising fears of compromised law enforcement operations.

“These attacks represent a broad and significant cyber espionage campaign,” the FBI and CISA stated in a joint release on November 13, 2024. “The hackers stole vast amounts of data, positioning themselves to cause real-world harm,” said FBI Director Christopher Wray, who has repeatedly warned of China’s intent to disrupt critical U.S. infrastructure.

The Salt Typhoon campaign, linked to China’s Ministry of State Security, exploited vulnerabilities in telecom networks to gather intelligence and potentially disrupt communications. U.S. officials noted that the hackers’ focus extended beyond political targets, encompassing customer call records and law enforcement data, some of which was collected under the Foreign Intelligence Surveillance Act (FISA). “This was not just about espionage; it was about pre-positioning for chaos,” said Jeff Greene, CISA’s executive assistant director for cybersecurity, during a December 2024 briefing.

In response, the FBI has shifted its strategy in 2025 to pursue individual hackers and their facilitators. While specific identities of the targeted individuals remain classified, sources indicate that the U.S. is leveraging intelligence from the 2024 investigations to build cases against key operatives. The Justice Department, in coordination with international law enforcement, is exploring indictments and sanctions to hold perpetrators accountable. “We’re not just disrupting networks anymore; we’re going after the people behind the keyboards,” a senior FBI official stated anonymously, citing the ongoing nature of the investigation.

This push builds on earlier successes, such as the January 2024 disruption of the Volt Typhoon botnet, another Chinese state-sponsored operation that infected thousands of U.S. routers to target critical infrastructure like water systems and energy grids. The FBI’s court-authorized operation dismantled the botnet, but Wray cautioned that such victories are “just one round in a much longer fight.”

International cooperation remains critical. In December 2024, CISA, the FBI, and cybersecurity agencies from Australia, Canada, and New Zealand issued joint guidance to harden telecom networks, urging encryption and centralized monitoring. The United Kingdom, notably absent from the advisory, cited differing timelines but expressed support for collective resilience.

China has consistently denied the allegations, with embassy spokesperson Liu Pengyu calling them “disinformation” aimed at undermining Beijing. In a December 2024 statement, China accused the U.S. of conducting cyberattacks on its own infrastructure, including sensitive tech companies. However, U.S. officials remain skeptical of Beijing’s claims, pointing to evidence of state-sponsored activity.

The implications of these breaches extend beyond immediate security concerns. Senator Ron Wyden, who introduced the Secure American Communications Act in December 2024, criticized the Federal Communications Commission for allowing telecoms to self-regulate cybersecurity, arguing that lax oversight enabled the hacks. “Foreign hackers burrowed deep because the system was left vulnerable,” Wyden stated.

As the FBI intensifies its manhunt for the hackers, experts warn that the threat persists. “We cannot say with certainty that the adversary has been fully evicted,” Greene admitted in December 2024, underscoring the challenge of securing sprawling telecom networks. With the incoming Trump administration set to inherit this crisis, the pursuit of individual hackers signals a new chapter in the U.S.’s fight against state-sponsored cyber threats.

Sources:

• Reuters: “China-linked hackers stole surveillance data from telecom companies, US says” (Nov. 13, 2024)

• POLITICO: “Chinese hackers are determined to ‘wreak havoc’ on U.S. critical infrastructure” (Dec. 3, 2024)

• The Record: “FBI, CISA say Chinese hackers are still lurking in US telecom systems” (Dec. 3, 2024)

• AP News: “Justice Department disrupts vast Chinese hacking operation” (Sept. 18, 2024)

• Wikipedia: “2024 United States telecommunications hack” (Aug. 27, 2024)

• Justice Department: “U.S. Government Disrupts Botnet People’s Republic of China Used” (Jan. 31, 2024)

• Voice of America: “Chinese hackers still lurk in US telecommunications systems” (Dec. 3, 2024)

17GEN4.com