The world of telecommunications has always stood as the backbone of connectivity, linking people, businesses, and nations. Recent revelations about the Salt Typhoon hacking operation underscore a stark truth: the data flowing through global telecom networks remains an alluring target for adversaries. This reality makes the case for users to switch to more secure services on their devices, but it also illustrates the need for all companies, not just telecommunication carriers, to start rethinking how they manage, govern, and control encryption throughout the enterprise.
What Is Salt Typhoon?
Salt Typhoon is reportedly a sophisticated surveillance campaign attributed to Chinese state-sponsored actors. Leveraging vulnerabilities in telecom infrastructure, this operation has been used to infiltrate networks, monitor communications, and collect sensitive data on individuals and organizations. The attack is considered among the largest intelligence compromises in US history.
Unlike isolated cyberattacks targeting consumer devices, Salt Typhoon’s backdoor malware attack is systemic—it focuses on intercepting data directly from the infrastructure that powers our calls, texts, and internet traffic. This has serious implications, not only for individual privacy but also for national security and business confidentiality. Telecom networks, especially when inadequately secured, serve as treasure troves for malicious actors seeking to eavesdrop on sensitive exchanges.
Telecom Vulnerabilities
Salt Typhoon isn’t an isolated incident. Telecommunications systems have long been targets due to their complexity and inherent vulnerabilities, such as:
- Legacy Protocols: Many networks still rely on outdated standards like SS7 (Signaling System No. 7), which were never designed with modern cybersecurity threats in mind.
- Insufficient Encryption: While many telecom providers encrypt traffic internally, the lack of consistent, end-to-end encryption leaves data vulnerable at certain transfer points.
- Intermediaries: Telecommunications often involves a web of third-party providers and interconnection agreements, increasing the attack surface.
- Over-Reliance on Perimeter Security: Many networks rely on firewalls and other perimeter defenses, which crumble in the face of insider threats or sophisticated breaches.
The Case for End-to-End Encryption
The FBI and CISA are urging Americans to use end-to-end encrypted messaging and voice apps, such as WhatsApp and Signal, so that their communications stay hidden from those who compromised the carriers’ wires.
Unlike traditional encryption methods, end-to-end encryption ensures that only the sender and intended recipient can access the contents of a communication. With end-to-end encryption, even telecom providers or cloud service providers cannot decrypt user data. This limits exposure in cases of insider threats or external breaches.
From a national security perspective, state actors often target critical infrastructure because it provides access to large volumes of unencrypted data. Encrypting communications at the device level renders this approach ineffective.
Quantum Xchange’s Chief Strategy Officer Vince Berk explains, “treat the carriers as a packet truck. There’s no guarantee when your message is on the truck that nobody peeks at it. So, make sure you don’t trust it like a secure channel, and instead encrypt your own data. Thankfully this is already the case for most communications. For instance, the retrieval of email or banking tasks performed through an app or your browser. Areas that are still unencrypted are plain old SMS text messages (which your phone might automatically use), and voice calls in some cases. Just assume someone is always intercepting your packets and take action accordingly.”
End-to-End Encryption Pushback
Despite its clear benefits, deploying end-to-end encryption at scale is not without obstacles. Governments in many regions argue that end-to-end encryption hampers lawful surveillance, complicating efforts to prevent criminal activities.
The Path Forward
Salt Typhoon is a stark reminder of the vulnerabilities inherent in telecommunications networks and most enterprise environments. Implementing end-to-end encryption across heterogeneous telecom systems, which often mix legacy and modern technologies, is a complex and daunting task. To minimize the risks and consequences of the next Salt Typhoon, telecoms must prioritize encryption as a cornerstone of their networks and begin to treat their cryptographic strategy much like unreliable hardware stacks – redundancies at every level and an ability to apply policy through software quickly and decisively.
By utilizing an agile, enterprise crypto management platform like Phio TX from Quantum Xchange, organizations can ensure their encryption evolves in lockstep with the shifting threat landscape and provides a critical defense layer in the evolving battle for digital privacy and security today, and in the post-quantum future.