US cyber watchdog seeks switch to encrypted apps following ‘Salt Typhoon’ hacks

WASHINGTON — The U.S. cybersecurity watchdog CISA is telling senior American government officials and politicians to immediately switch to end-to-end encrypted messaging following intrusions at major American telecoms blamed on Chinese hackers. 

In written guidance released on Wednesday, the Cybersecurity and Infrastructure Security Agency said “individuals who are in senior government or senior political positions” should “immediately review and apply” a series of best practices around the use of mobile devices. 

The first recommendation: “Use only end-to-end encrypted communications.” 

End-to-end encryption — a data protection technique that aims to make data unreadable by anyone except its sender and its recipient — is baked into various chat apps, including Meta Platforms’ WhatsApp, Apple’s iMessage, and the privacy-focused app Signal. Corporate offerings, which allow end-to-end encryption, also include Microsoft’s Teams and Zoom Communications’ meetings. 

CISA’s message is the latest in a series of increasingly stark warnings issued by American officials in the wake of dramatic hacks of U.S. telecom companies by a group dubbed “Salt Typhoon.” 

Last week, Democratic Senator Ben Ray Lujan said, “this attack likely represents the largest telecommunications hack in our nation’s history.” 

U.S. officials have blamed China for the hacking. Beijing routinely denies allegations of cyberespionage. 

         

leave a reply: