Cyber Bulletin
by Jamie Tarabay

In a rare bipartisan moment, Democrat and Republican senators agree the problem of Chinese state-sponsored hackers is getting worse. But first…

Must Reads:

• T-Mobile said to have caught hackers early, averting leak
• China ship stirs suspicions after Baltic Sea cables damaged 
• ‘Crocodile of Wall Street’ gets 18 months in crypto case

The Cyber Angle

The Senate held a hearing on Tuesday about an audacious Chinese state-sponsored hack that targeted President-elect Donald Trump’s family and high-ranking officials via telecom systems. 

While the affected companies and investigators are still grappling with the scope of the attack by the so-called Salt Typhoon group, senators on the Judiciary Committee called for urgent action to address the threat posed by China. 

US officials said last week that Chinese state-sponsored hackers perpetrated a “broad and significant cyber-espionage campaign” in which they breached multiple telecommunications companies to steal customer call records. Staff of Vice President Kamala Harris, Vice President-elect JD Vance and others were targeted in addition to Trump, according to Missouri Republican Senator Josh Hawley. 

“I hope it’s a wakeup call for our entire government, our entire country, that we face in China a peer competitor of a kind that we frankly haven’t seen in any of our lifetimes,” Hawley said at the hearing.

China has denied the Salt Typhoon allegations. Foreign Ministry spokesman Lin Jian said last week that Beijing has “no interest in interfering in other countries’ internal affairs through cyberspace.”

The Salt Typhoon campaign has targeted the networks of many of the leading telecom companies in the US, including T-Mobile US Inc., AT&T Inc., Verizon Communications Inc. and Lumen Technologies Inc., the Wall Street Journal previously reported. Another Chinese group breached Singapore Telecommunications Ltd. this summer as part of a broader campaign against infrastructure firms around the world, my colleagues reported earlier this month.

China is growing more sophisticated in its attempts, Adam Meyers, a senior vice president at cybersecurity firm CrowdStrike Holdings Inc., told the Senate. 

State-sponsored hackers have “moved away from smash and grab operations to bulk collection, longer term operations against upstream providers like ISPs, telecommunications companies, consulting organizations,” Meyers said.

Routers, which Kelcee Griffis and I reported this week were compromised in parts of the breach, have been increasingly targeted by nation-state actors, according to Meyers.  

The more aggressive posture comes after a change in China’s national security law that essentially privatized vulnerability research and gives the Chinese government first right of refusal for weaknesses found in software, Meyers said. 

China’s Ministry of State Security is contracting out more hacking campaigns, “effectively creating an offensive cyber industrial base in China that was building weapons and tools at an incredible pace,” he said. 

David Stehlin, chief executive officer of the Telecommunications Industry Association, called internet-connected devices in homes “an avenue of access.” 

“We typically, as consumers, buy the least expensive thing out there, which is the least secure, so it is getting to be a bigger problem than before,” Stehlin said.

Connecticut Democratic Senator Richard Blumenthal called on the Federal Communications Commission to urgently “set and enforce security standards” to ensure that telecommunications networks have mandatory defenses against hacking campaigns that are as “sprawling and catastrophic” as Salt Typhoon.

What We Learned This Week

Cybercriminals are using an open-source research tool developed at a German university to take advantage of tap-to-pay technology and cash out money far from where the devices are actually located, according to a report published Wednesday by ThreatFabric.

Hackers are using what ThreatFabric calls a “Ghost Tap” to steal credit card details linked to mobile payment systems like Apple Pay and Google Wallet and relay them to point-of-sale terminals in multiple locations, sometimes in other countries.

The strategy is part of a growing trend of scammers exploiting academic research for criminal purposes, ThreatFabric cybersecurity researchers said. — Jordan Robertson

Got a News Tip?
You can reach Jamie Tarabay at jtarabay2@bloomberg.net. You can also send us files safely and anonymously using our SecureDrop.