The FBI and the Cybersecurity and Infrastructure Security Agency released a joint statement Wednesday alerting the public to widespread espionage efforts on behalf of the People's Republic of China via the hacking of commercial telecommunications infrastructure.
"Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues," the statement read.
In October, the FBI revealed that a China-based firm had hacked 260,000 internet-connected devices in the U.S., Britian, France, and other countries. The web of internet routers and other devices known as a botnet could have been used to conducted precise attacks on U.S. companies or government agencies.
The technique is appealing to cybercriminals because the users around the world are typically unaware their device is being used to conduct scamming or espionage.
China has demonstrated great prowess in cyberattacks since President Xi Jinping shifted the country's priorities and now produces 70,000 cybersecurity experts via their National Cybersecurity Talent and Innovation Base.
Atlantic Council, a Washington, D.C.-based think tank, in a report last month said, "China has built the world's most comprehensive ecosystem for capture-the-flag (CTF) competitions—the predominant form of hacking competitions, which range from team-versus-team play to Jeopardy-style knowledge challenges."
The agencies advised any organization that believes it might be a victim of a cyberattack or data breach from a foreign agent to contact the local FBI field office or the CISA.