Former FBI Officials Warn Chinese Cyberattack Likely Compromised Every American

The scope of Chinese state-sponsored cyber intrusions into American telecommunications infrastructure has reached dimensions that challenge our understanding of national security in the digital age. According to former senior FBI officials and international cybersecurity experts, it appears increasingly likely that every American citizen has been affected by what has become known as the Salt Typhoon cyberattack.

International law enforcement agencies, including the FBI and National Security Agency, issued a joint advisory in September warning that actors sponsored by the Chinese Communist Party have been systematically targeting critical aspects of American infrastructure. These targets include telecommunications networks, government systems, transportation facilities, lodging establishments, and military communications infrastructure. The campaign extended well beyond American borders, affecting numerous countries across the globe.

The intelligence assessment identifies three Chinese companies believed to be operating on behalf of China’s intelligence services, including units within the People’s Liberation Army and the Ministry of State Security. Through the vast quantities of information gathered during these intrusions, Chinese intelligence services have gained the capability to identify and track their targets’ communications and movements worldwide.

Cynthia Kaiser, who held a senior position in the FBI’s cyber division, offered a sobering assessment of the attack’s breadth. She stated that given the extensive nature of the campaign, it is difficult to envision any American who remained unaffected by the breach.

The direct victims of this cyberattack include senior United States government officials and prominent political figures whose communications were accessed and monitored. Among those specifically targeted were senior officials from both major political parties, including figures from the most recent presidential campaign.

Pete Nicoletti, chief information security officer at Check Point, provided technical details about the unprecedented nature of the intrusion. The attackers possessed what he described as complete access to telecommunications data, allowing them to monitor phone calls placed by Americans across the spectrum of society. While ordinary citizens making routine calls were not specifically targeted for surveillance, their communications passed through compromised systems that gave foreign actors the technical capability to access them.

Most concerning to cybersecurity professionals is the duration of the intrusion. According to Nicoletti, the Salt Typhoon operation established its presence within American systems and extracted data for approximately five years, a timeline he characterizes as nearly unprecedented in the history of cyber operations.

The cybersecurity community now faces a troubling question that extends beyond cataloging past damages. Experts express particular concern not merely about what Salt Typhoon might target in future operations, but whether the group remains embedded within companies and government agencies that have yet to discover the extent of the compromise.

This revelation comes at a time when the United States is reassessing its approach to protecting critical infrastructure from foreign adversaries. The incident underscores the asymmetric nature of modern conflict, where traditional concepts of national borders and defensive perimeters have limited application in cyberspace.

The challenge facing American security services and private sector partners is formidable. Rooting out sophisticated state-sponsored intrusions requires not only technical expertise but sustained vigilance and resources that must be maintained across thousands of potential targets. The Salt Typhoon operation demonstrates that America’s adversaries are playing a long game, willing to invest years in maintaining covert access to gather intelligence.

And that is the way it is.