We support our Publishers and Content Creators. You can view this story on their website by CLICKING HERE.
OAN Staff Blake Wolf
5:55 PM – Thursday, December 19, 2024
Following a massive telecom breach, Apple and Android users are being urged to restrain from receiving two-factor authentication codes through text, risking exposure of non-encrypted messages by suspected Chinese hackers.
The Cybersecurity and Infrastructure Security Agency (CISA) released a memo on Wednesday responding to the threat, instructing people to not utilize SMS as a second factor authentication method for online accounts.
“SMS messages are not encrypted — a threat actor with access to a telecommunication provider’s network who intercepts these messages can read them,” CISA stated.
The FBI urged smartphone users to use encrypted messaging apps like Signal or WhatsApp earlier this month after suspected Chinese hackers gained access to AT&T, T-Mobile, Verizon, and five other networks in order to snoop on certain service users.
Apps like WhatsApp, Apple’s iMessage, and Signal all provide an extra layer of security as they are all end-to-end encrypted, meaning the messages can’t be monitored by potential hackers, or the companies themselves.
“SMS messages are not encrypted — a threat actor with access to a telecommunication provider’s network who intercepts these messages can read them,” CISA stated.
The efforts of the hacker group, known as “Salt Typhoon,” which U.S. officials say is being run by the Chinese Government, is reportedly “ongoing and likely larger in scale than previously understood,” according to experts.
Jeff Greene, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, stated that the Salt Typhoon compromise “is part of a broader pattern of PRC activity directed at critical infrastructure.”
“We cannot say with certainty that the adversary has been evicted,” Greene continued. “This is ongoing PRC activity that we need to both prepare for and defend against for the long term.”
“We’re on top of tracking them down … but we cannot with confidence say that we know everything, nor would our partners,” he added.
The agency advised consumers to utilize alternate two-factor authentication methods wherever feasible to reduce the danger of hacking, even though some online services might not offer them. Additionally, they suggested utilizing a password manager, creating strong passwords, setting up a PIN whenever feasible, and updating personal devices.
Stay informed! Receive breaking news blasts directly to your inbox for free. Subscribe here. https://www.oann.com/alerts