Trump, Vance, Harris campaign potential targets in broad China-backed hacking operation
Federal authorities believe China-backed cybercriminals attempted to tap into phones or networks used by former President Donald Trump, Sen. JD Vance and members of Vice President Kamala Harris' presidential campaign, multiple sources familiar with the matter confirmed to CBS News. Officials are concerned the hackers infiltrated telecommunication systems and then targeted the candidates, the sources said.
The breadth of the potential cyber operation and information the alleged hackers might have compromised remains unclear. The sources said the campaign was recently alerted that phones used by the candidates may have been among the targets of a cyber campaign.
The news was first reported by The New York Times.
The Justice Department and the FBI declined to comment.
A source familiar with the investigation told CBS News the potential targeting of Trump and Vance was part of a broad cyberattack that targeted officials from both major political parties, and law enforcement recently notified potential victims. Law enforcement is currently treating the hack as an act of espionage, not as an attempt at campaign influence, another source said.
In a joint statement published by the FBI and the Cybersecurity and Infrastructure Security Agency, the agencies said, "The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People's Republic of China."
"After the FBI identified specific malicious activity targeting the sector, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) immediately notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims. The investigation is ongoing, and we encourage any organization that believes it might be a victim to engage its local FBI field office or CISA," the statement said.
In a statement, a spokesman for the Trump campaign sought to blame Democrats for the hack and alleged it was an attempt to "prevent President Trump from returning to the White House."
For weeks, federal investigators have been looking into the potential China-backed hack of major U.S. telecommunications companies and believe the cybercriminals could have used their access to collect information on key government intelligence collection capabilities, a U.S. official familiar with the matter told CBS News earlier this month.
The hacking group known as "Salt Typhoon" hit numerous major U.S. companies, including Verizon, AT&T, and Lumen Technologies. The official, who spoke on the condition of anonymity, said the depth and the severity of the hack was not yet clear.
According to the official, the Chinese hackers also breached systems used by U.S. intelligence to conduct wiretaps, and both government agencies and the affected private companies have been trying to ascertain what information, if any, the malign actors were able to collect.
Rich Young, a Verizon spokesman, said in a statement Friday, "We are aware that a highly sophisticated nation-state actor has reportedly targeted several U.S. telecommunications providers to gather intelligence. Along with federal law enforcement, industry peers andthird-party cyber experts, we have been and are working to confirm, assess and remediate any potential impact. Verizon is committed to assisting law enforcement in this investigation. Since this is an active investigation, we have no additional comment at this time."
A spokesperson for Lumen Technologies declined to comment. AT&T declined to comment.
FBI Director Christopher Wray and other top U.S. officials have long warned about the cyber threats posed by China. Hackers backed by the Chinese government recently targeted U.S. water treatment plants and electrical grids, strategically positioning themselves within critical infrastructure systems to "wreak havoc and cause real-world harm to American citizens and communities," Wray told Congress in January.
The Salt Typhoon hack is not the first cyber operation to have potentially targeted those affiliated with the 2024 presidential election.
Last month, the Justice Department charged three Iranian hackers for allegedly targeting members of former President Donald Trump's presidential campaign as part of a "wide-ranging" malicious cyber scheme. According to charging documents, three members of Iran's Islamic Revolutionary Guard Corps. executed a "wide-ranging hacking campaign that used spearphishing and social engineering techniques to target and compromise the accounts of current and former U.S. government officials, members of the media, nongovernmental organizations, and individuals associated with U.S. political campaigns."
Charging documents do not name the campaign the defendants allegedly targeted, but U.S. officials have said consistently that Iran is seeking to undermine Trump's bid for the White House.