Gen. Timothy Haugh, director of the NSA, said the investigation of the hack, which reportedly affected AT&T, Verizon and Lumen, is in its early stages.
SEA ISLAND, Ga. — The director of the National Security Agency said Sunday that a Chinese hack of three major telecommunications firms is under investigation but that it remains “premature” to discuss the case.
Air Force Gen. Timothy Haugh said his command would work closely with other government agencies and private companies “to really understand what has happened.”
“I think it’s premature for us to talk about this specific case. We’re really at an initial stage,” Haugh told a small group of reporters here at a conference organized by the Cipher Brief security website.
About news reports that Chinese hackers may have gained access to systems used by federal authorities for court-approved eavesdropping, he said: “I think we are in the early days of investigation.”
The Wall Street Journal first reported the hack Saturday.
Hackers backed by China accessed at least three telecommunication companies — AT&T, Verizon and Lumen Technologies — in what may have been an attempt to gain access to information from systems the federal government uses for court-approved electronic surveillance, a source with knowledge of the matter said.
Telecommunications firms have a legal obligation to allow federal authorities to have access to electronic information if there is a court order for the eavesdropping. If China penetrated the wiretapping system, it would be a serious security breach.
AT&T and Lumen declined to comment. Verizon did not immediately respond to a request for comment Sunday night.
The Chinese Embassy in the U.S. did not immediately respond to a request for comment Sunday night. China has denied past hacking allegations from Western governments.
The FBI and the White House National Security Council declined to comment.
Haugh said the NSA and other federal agencies issued an advisory in 2022 warning that cyber operators sponsored by the Chinese government were trying to hack major telecommunications companies and network service providers.
“I think what we see broadly from a PRC [People’s Republic of China] threat perspective is they’re going to be very aggressive at critical infrastructure collection operations and targeting our critical infrastructure,” Haugh said.
In a speech earlier at the conference, Haugh said China’s cyber operatives are “engaged every day in a deliberate campaign to steal our technology and target our national security systems and the defense industrial base.” He added that hackers backed by Beijing “aim to compromise our vital infrastructure.”