Some of these activities included unauthorized users running commands on network devices. T-Mobile engineers surmised that the hackers were probing the network’ structure, according to Simon. Before they got deeper into the network or accessed customer data, T-Mobile kicked the hackers off of its network. U.S. officials have accused the hackers, believed to be sponsored by the Chinese government, of running a campaign to break into the systems of U.S. telecom firms including some of T-Mobile‘s rivals.
“That was what initially clued us into some suspicious behavior, discovery-type commands being run on some of our routers and commands that have been known to be related to Salt Typhoon.”-Jeff Simon, chief security officer, T-Mobile”
For months, the Chinese hackers were able to access information related to people who were under lawful surveillance by the U.S. According to two sources familiar with the matter, the hacking operation might have helped expose U.S. plans to track down foreign agents. The hackers also were able to listen to communications involving what the FBI called “a limited number” of people in government and politics. That list included President-Elect Donald Trump, Vice President-Elect JD Vance, and members of Vice President Kamala Harris’ staff.
Because T-Mobile is the only U.S. carrier currently using a standalone 5G network, the carrier believes that it was less exposed to the hacking group. Such a network bypasses older networking gear used during the 2G, 3G, and 4G eras such as copper networks and cable. Standalone 5G networks use advanced encryption and privacy technologies and also employ newer equipment.
