FBI, CISA investigating China-linked telecom hacks following reports of intrusions on Trump, Harris phones

U.S. agencies are investigating allegations that hackers connected to the government of China breached the systems of multiple telecommunications companies following reports that devices belonging to Vice President Kamala Harris’ campaign, former President Donald Trump and vice presidential candidate JD Vance were targeted in a broad campaign. 

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) published a statement Friday indicating they are “investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.” 

“After the FBI identified specific malicious activity targeting the sector, the FBI and [CISA] immediately notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims,” the agencies said. 

“The investigation is ongoing, and we encourage any organization that believes it might be a victim to engage its local FBI field office or CISA. Agencies across the U.S. Government are collaborating to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyber defenses across the commercial communications sector.”

The statement comes weeks after the Wall Street Journal reported that a Chinese government group called Salt Typhoon breached systems at ​​AT&T, Verizon and Lumen — specifically targeting the systems U.S. law enforcement agencies use for wiretaps. 

The statement on Friday from the FBI and CISA coincided with a New York Times story saying Salt Typhoon used their access to telecommunications giants like Verizon to target data from phones used by former President Trump and Vance. 

Hours later, CBS News and Reuters said staff members of Vice President Harris had devices that were also targeted by Salt Typhoon. Several other top Democrats, including Senator Chuck Schumer (D-NY), were allegedly breached by the group.

Investigators that spoke to the New York Times are still trying to determine what information was gleaned from the breaches but told the news outlet that “they are deeply concerned about the potential extent of compromised data and the wide range of possible victims.”

Law enforcement agencies reportedly told Trump campaign officials that the hackers may still have access to Verizon systems. The company did not respond to requests for comment. 

Both presidential campaigns have faced an array of cyberattacks, breach attempts and disinformation campaigns since July. 

Michael Kaiser, president and CEO of Defending Digital Campaigns (DDC), said the news “is a chilling reminder that foreign adversaries will attempt to exploit every avenue of infiltration possible.” 

“Our personal devices are prime targets because they have the potential to reveal so much about us: including who we speak to, our travel and meeting plans, communications with key staffers and family members, and more,” he said. DDC has worked with Google and other tech companies to expand access to cybersecurity services for political campaigns from both parties. 

“A phone can also be used to precisely track someone’s movements. In these last days before the election, candidates and campaigns at every level on the ballot face the most extraordinary risk as the impact of a cyber-attack would have the largest impact.”

News of the potential phone breaches broke alongside new reports that Russian government disinformation groups were behind a fake video showing people destroying ballots in Pennsylvania that circulated on social media Thursday afternoon. 

The Office of the Director of National Intelligence (ODNI), FBI and CISA released a statement confirming that they believe Russian actors “manufactured and amplified a recent video that falsely depicted an individual ripping up ballots in Pennsylvania.”

The officials made the assessment based on information from the intelligence community, previous Russian influence operations and other disinformation activities. Russian actors attempted to spread a fake video related to vice presidential candidate Tim Walz last week. 

“Local election officials have already debunked the video’s content. This Russian activity is part of Moscow’s broader effort to raise unfounded questions about the integrity of the US election and stoke divisions among Americans, as detailed in prior ODNI election updates,” the agencies said. 

“In the lead up to election day and in the weeks and months after, the IC expects Russia to create and release additional media content that seeks to undermine trust in the integrity of the election and divide Americans.”

Senator Mark Warner (D-VA) echoed the statement, warning that it is “imperative on all of us to be cautious about what we believe and share online.”