Chinese hackers have breached dozens of telecommunications companies around the world. The breach, christened Salt Typhoon by Microsoft cybersecurity researchers, has afforded the cybercriminals unprecedented access not only to information on who has been texting or calling whom and when, but also on the contents of some messages, a much higher technical bar to clear in a cyber-attack.
The cyber-attack hit three of the largest telecommunications networks in the US. The communications of government officials in Washington DC have been intercepted, as have internet browsing records kept by the same telecommunications companies. The hackers attempted and may have succeeded to crack the phones of Donald Trump and JD Vance as well as Kamala Harris’s campaign staff. Even the US’s wiretapping program was breached; call records stored there were stolen. A US senator called it the “worst telecom hack in our nation’s history”. The same week, UK telecom giant BT announced it had endured “an attempt to compromise” its conferencing service and circumvented it.
The group of hackers, sometimes known as FamousSparrow, has been active since 2020 and has gone after government organizations in Israel, Saudi Arabia, Brazil, Canada, Guatemala and Burkina Faso in the past, according to cybersecurity firm Eset. It has another favorite target, one it has targeted even more aggressively than governments in the past: hotels. In all of those countries as well as the UK, France, Lithuania and Taiwan, the group has hounded the digital systems of hotels and stolen their data.
Salt Typhoon has been under way for one to two years and is ongoing, according to US intelligence. US analysts have attributed the cyber-attack to Beijing, as have independent cybersecurity researchers. China denies involvement.
US national security advisers have urged their employees not to use normal texting apps but to keep all their communications to encrypted messaging apps like Signal, WhatsApp, and FaceTime. It’s good advice. Security agencies in Australia, New Zealand and Canada have issued similar warnings.
Is this hack part of an elaborate, coordinated response in the escalating trade war over chips between the US and China? On Monday, Beijing opened an antitrust investigation into Nvidia. Last week, Chinese regulators banned the export of minerals critical for the fabrication of semiconductors like gallium and germanium to the US. Earlier this year, the US forbade the sale of the most advanced semiconductor chips to China. Washington, with regulatory power over Nvidia, TSMC and others, is seeking a geopolitical edge via AI, and you can’t make useful AI models without powerful chips. China, broadly unable to either copy or dethrone Nvidia, is at a disadvantage. So did China hack back in response? It’s possible, but the hacking of telecommunications networks isn’t closely related enough to the semiconductor industry to make the overture of “Give us your chips or else”. Had Beijing hacked Jensen Huang’s phone … that would be just a hop, skip and a jump to trade war retaliation.
I’d call Salt Typhoon old-fashioned espionage.
Judges acknowledge that a TikTok ban would disenfranchise Americans – but uphold it anyway
A court of appeals upheld the US’s bill that would either ban TikTok or force its sale on Friday. The company has vowed to appeal to the supreme court. My colleague Dara Kerr, who started at the Guardian this week, reports here:
A federal appeals court ruled on Friday to uphold a law that forces the hugely popular social media company to sell its assets to a non-Chinese company or be barred from the country entirely. The decision is the latest twist in a years-long battle between the US government and TikTok, which is owned by Chinese-based ByteDance.
ByteDance has until 19 January to sell the app or face the ban.
“TikTok’s millions of users will need to find alternative media of communication,” said the judge, Douglas Ginsburg. “That burden is attributable to [China’s] hybrid commercial threat to US national security, not to the US government, which engaged with TikTok through a multi-year process in an effort to find an alternative solution.”
TikTok filed an emergency injunction against the ban on Monday and responded with a statement that it had faith the US supreme court would rule in favor of “protecting free speech”. It also said that the law was based on “hypothetical information”, which is true. The US has not demonstrated that China has manipulated content on TikTok. The Salt Typhoon hacks demonstrate that China is capable of going beyond the hypothetical and venturing into drastic global interference.
The lack of evidence underpinning the ban/forced sale is no secret. The court took it into account: “The Government acknowledges that it lacks specific intelligence that shows the PRC has in the past or is now coercing TikTok into manipulating content in the United States … The Government’s justification in fact concerns the risk of the PRC covertly manipulating content on the platform,” the ruling reads. It is not the fact of manipulation that forms the basis of the law, but the threat of it, the idea of it. On the other hand, TikTok “never squarely denies that it has ever manipulated content on the TikTok platform at the direction of the PRC”, per the ruling.
Judge Sri Srinivasan, a member of the three-judge panel that handed down the decision, acknowledged the threat to the speech of US TikTok users if the company does not divest. “Many Americans may lose access to an outlet for expression, a source of community, and even a means of income,” he wrote.
TikTok is used by about 170 million Americans, all of whom will be deprived of both a means of expression and of accessing information. Ultimately, though, the judges said the bill, specifically its clause allowing for divestiture, “survives a First Amendment challenge”, per Srinivasan.
“Preventing covert content manipulation by an adversary nation also serves a compelling governmental interest. The petitioners [TikTok] object for two reasons, neither of which persuades.”
How do you avoid doomscrolling?
We would like to hear about how you avoid the constant barrage of bad news when you’re on your phone. Is there an app, site or service that you consider an antidote to doomscrolling? Let us know using the form below.
Answer our reader callout with this form.
How much money did the tech industry spend on the US presidential election?
Put another way: how much influence did the tech industry tried to buy? My colleagues Lauren Aratani and Raphael Hernandes report:
Silicon Valley poured more than $230m into the US presidential election this year, according to a Guardian analysis, the bulk of which comes from a massive $118m donation Elon Musk made to Donald Trump’s campaign.
Advocates of cryptocurrency were particularly active in this election as they fought to stave off regulation, pumping money into the presidential campaigns as well as key congressional races.
Trump overall received $133m in donations from some of tech’s biggest names, including:
$118m from Elon Musk, owner of Tesla, SpaceX and X (formerly Twitter) who has an estimated net worth of $350bn.
$5m from Marc Andreessen, the billionaire founder of venture capital firm Andreessen Horowitz, also known as a16z. Andreessen’s co-founder, Ben Horowitz, initially supported Trump but flipped to Harris.
$5m from Jan Koum, the founder of WhatsApp who made the bulk of his fortune when Facebook acquired the messaging app in 2014 for $19bn.
Harris received a total of $71m, including:
$39m from Facebook co-founder Dustin Moskovitz, who left the social media company in 2008 to start workflow software company Asana.
$17m from Reid Hoffman, the cofounder of LinkedIn.
$11m from Chris Larsen, the billionaire chair of Ripple, a cryptocurrency company.
Read the full story on tech’s campaign contributions.
Trump is already a boon for crypto. Bitcoin has hit $100,000. He’s appointed David Sacks, a former PayPal executive, confidant of Musk and Trump’s own biggest booster in Silicon Valley, to a new role as White House czar of crypto and AI. He’s nominated Paul Atkins, a former member of the Securities and Exchange Commission and an avid crypto proponent, to chair the SEC. It’s not a stretch to imagine Atkins will visit less government scrutiny on the industry than his predecessor, the crypto critic Gary Gensler. It seems crypto’s campaign donations have already netted the industry significant gains, whether or not the contributions went to the president-elect.
Listen to our full podcast on Trump’s blossoming relationship with the crypto industry.