In October 2024, the U.S. discovered that Salt Typhoon—a Chinese state-sponsored hacking group—had infiltrated America's telecommunications infrastructure. They weren't just listening to calls. They were listening to the systems used to tap calls.

## The Scope

| Metric | Value |
| --- | --- |
| U.S. Telecom Companies Breached | 9 confirmed |
| Global Providers Affected | 80+ |
| Campaign Duration | Since 2022 |
| Key Victims | Verizon, AT&T, T-Mobile, Spectrum, Lumen |

## What Was Compromised

### Wiretap Systems (CALEA)

The Communications Assistance for Law Enforcement Act (CALEA) required telecoms to build surveillance capability directly into their networks. Salt Typhoon targeted these very systems:

- Access to court-authorized wiretapping infrastructure
- Complete list of phone numbers being monitored
- The very systems designed for government surveillance—compromised by a foreign government

### Metadata

- Records for over 1 million users in the Washington D.C. area
- Call timestamps, source/destination IPs, phone numbers
- Duration and frequency of communications

### Direct Communications

- Audio recordings of calls from high-profile individuals
- Phones of Trump and Vance campaigns targeted
- Communications of senior government officials exposed

## The Technical Failures

The breach wasn't sophisticated—it exploited basic security failures:

- Exploited VPN vulnerabilities that had patches available for years
- One provider's management system protected with a basic numeric password
- Targeted Cisco routers and core network components
- Custom backdoors ("GhostSpider") for persistent access

"This is the worst telecom hack in American history. They got into the systems designed to help law enforcement." — Senator Mark Warner

## The Irony

For decades, security researchers warned that legally mandated backdoors would eventually be exploited by bad actors. CALEA required telecoms to build surveillance capability into their networks. Salt Typhoon proved the critics right.
When you build a backdoor for the "good guys," the bad guys eventually find the key.

## Government Response

| Action | Status |
| --- | --- |
| $10 million bounty for Salt Typhoon intel | Active |
| China Telecom U.S. operations ban | Implemented |
| FCC mandatory security requirements | Proposed |
| Encrypted messaging recommendation (Signal) | Active |

## Pushing for Change

- Use end-to-end encrypted messaging — Signal, iMessage, WhatsApp
- Assume unencrypted calls can be intercepted — Use encrypted apps for sensitive discussions
- Enable 2FA on all accounts — Especially email and banking
- Monitor for targeted phishing — High-profile individuals should be especially vigilant
- Consider backup authentication apps — Physical security keys for critical accounts

---

The Lesson: Mandatory surveillance backdoors create vulnerabilities that attackers will exploit. Security through obscurity isn't security at all.