In a world running ever more on data, cybersecurity has become, once more, imperative. But as recent headlines indicate, decades-old laws can come back to bite us. Reports broke over the weekend that Chinese-backed hackers- specifically a group called Salt Typhoon-had breached the wiretap systems of major U.S. telecom and internet providers, including AT&T, Lumen, and Verizon. These hacks alone are disturbing enough, but they also reveal a much greater problem: the weakness created by a 30-year-old law designed to provide backdoor access to the private data of Americans to the US Government.
This is a stark reminder of the security vulnerabilities that come with such laws as CALEA, which demands that the telecommunication networks provide backdoors for access. Those are the very same backdoors now being used by malicious foreign actors.
From Wiretapping Bill to Big Business: How CALEA Became an Industry
The CALEA Act came into being in 1994 with an attempt to gain access to communications data from telecom companies. At that point, cell phones were still relatively new products, and internet was still a fledgling network; this sealed the fate for a wide-scale surveillance program post 9/11. With this expanded Patriot Act, the U.S. government has been able to perform both upon suspected criminals and ordinary Americans as well.
It was only in 2013 that the American public knew the magnitude of government surveillance when the Edward Snowden leak unfolded. Classified documents leaked the snooping of the National Security Agency, which many Silicon Valley companies often were oblivious to. This made tech giants such as Google, Facebook, and Apple have enough reason to lock down their platforms with encryption-though this now makes it challenging for both governments and hackers to attain access to user data.
Know more about Google’s data encryption measures
The same, however, did not happen in the telecom and internet world. Though companies like Google and Facebook were employing encryption for keeping their users’ information safe, the telcom industry lagged behind. Therefore, much of the U.S. internet and phone traffic remains vulnerable to wiretaps under CALEA, and the door is left open to foreign hackers.
The Chinese Hackers and the “Inevitable” Breach
Such was the inevitability that Georgetown Law cybersecurity expert Matt Blaze spoke of when Chinese hackers breached what should be safest systems in Salt Typhoon’s incursion into several US telecom giants, in a story first broken by the Wall Street Journal, reporting how Salt Typhoon had gained access through systems intended for wiretap use-which would normally allow very few employees to access customers’ private information.
This is not just a matter of national security but also a wake-up call for anyone who appreciates the private life in the digital world. Since data have become so highly prized, it’s not a surprise that malicious people are using this to their advantage and digging into vulnerabilities of states and societies revealed by obsolete laws.
How China’s cyberattacks threaten U.S. security
Why Encryption Is the Only Real Solution
Experts like Riana Pfefferkorn, Stanford’s encryption policy expert, assert that a user’s data can only truly be protected via encryption. According to Pfefferkorn, “that governments need to read every message or listen to every call ‘for your own protection’ is just a fallacy,” and indeed backdoor systems actually make users more vulnerable, not less.
Other encryption tools include Signal that provides end-to-end encryption, therefore crucial to the battle securing our private communications. To U.S. telecom breaches, Signal president Meredith Whittaker was vocal in exposing the simple fact that any backdoor, however secure it is planned to be, would have a weakness.
Get Signal for secure communication
CALEA: A Cautionary Tale for the Future
It’s not just about the past—it’s about what governments might do next. Around the world, lawmakers continue to push for legislation that undermines encryption. In Europe, for instance, they are trying to force messaging platforms like WhatsApp and Telegram to scan users’ messages for illegal content. That opens doors to similar vulnerabilities as those that CALEA exposed.
In a cautionary tale for advocates of more surveillance backdoors, as Blaze wrote, it was CALEA that Chinese hackers abused when they penetrated U.S. telecom systems and exploited those very vulnerabilities – little reason exists to think others won’t follow suit.
Delve into Cyber Security Tips
What’s Next for U.S. Telecom and User Data?
Of course, we don’t know the full extent of this damage, but national security sources are saying it’s “potentially catastrophic.” In any event, what Salt Typhoon is doing fits into an overall scheme to lay down a base for even more destructive cyberattacks, maybe in preparation for an even farther-off future China-U.S. conflict.
These revelations make it clear that what can be depended upon for information confidentiality-sensate or other-is no longer the archaic laws such as CALEA. In recognition of better security with the solid encryption, these companies should encourage the proper safety of their customers’ data against hostile attacks by the telecom industry.
For now, users can only hope that the government and telecom companies alike will learn from this breach and take the steps needed to prevent further compromises. But as long as backdoors remain, there will always be someone waiting to pick the lock.
Stay on top of encryption policies
This backdoor breach of the U.S. telecom wiretap system exemplifies how the issues of backdoors will always be constant and driving the industry to rethink everything it has done so far concerning data protection.
Stay updated: Tech News