What business leaders should learn from the worst and still ongoing hack in American history

Nate Parsons
12/16/2024

Even the slow-moving US government is acknowledging that it’s time to change how we do business.

You could be forgiven for not paying attention to news of the latest major hack of the US government. Just in the past few years the Chinese government has stolen plans for the F-35 (the most expensive and most advanced warplane in the US inventory) and broken into our water, electricity, and navigational grids, and in the past few weeks we learned that the US and European communications grid was thoroughly (and in a persistent, ongoing way) compromised. On the one hand, that’s a shocking number of sensitive systems that China has access to and some control over; on the other hand, shrug, my day-to-day doesn’t seem very impacted yet…

Well, get ready if you work for a large business in the US or Europe. In the Chinese model, government and private firms often work hand in hand, and corporate espionage is often tied closely to security-related espionage. This is a 2+ year long, ongoing, persistent breach of the phone & data networks, so extensive that Chinese hackers had the ability not just to see who called whom, but also to listen in on phone calls in real time, read text messages in real time, and see every single tapped/monitored line the US government has flagged with AT&T, T-Mobile, Verizon, and pretty much everyone else. They even compromised incoming VP JD Vance’s & President Trump’s phones. This means that phone calls between executives and between board members, and text messages with sensitive info (such as your bank’s two-factor authentication code), are all subject to interception too. And it means that it’s probably just a matter of time before all this hacked intelligence is processed and distributed to private firms with links to the Chinese government.

What should business leaders do differently?

The biggest choice leaders can make is to decide that their business policy or standard operating procedure is to not trust public networks with sensitive communications.

Hackers can intercept and modify communications from executives on their way to people who will execute them.

Here are some steps you can take to improve security:

Do not use cell phone text messaging for two-factor authentication.

For any business that has real money on the line, this is far too insecure a mechanism. Beyond this new Chinese hack, there is already a mature and organized criminal business of hackers for hire who use SIM swapping / SIM cloning to intercept text messages.

Evolve your communications architecture to “distrust” the public network.

  • Most businesses have at least one “secure” communications channel already in place (Slack, for example) but actually prefer/prioritize phones/text messaging for secure communications. I can’t tell you how many times people have said to me “I texted you the password.” Stop doing this.
  • Make sure things that feel banal & easy to do, like “emailing another VP”, occur over VPNs that prevent email from traveling over the public internet without encryption.
  • Create standard security policies for all staff to verify coworkers’ identities by using your secure communications tools, rather than phone calls, text messages, emails, etc.

Conduct secure messaging training for executives, board members, and senior IT executives.

These folks often have the least insight into security, and yet are the most valuable people to target for corporate espionage. They often have the authority or ability to override existing security protocols within your organization as well, which means breach & impersonation of their hardware (phones, laptops, watches, etc.) is a top priority for targeted attacks.

Ensure your organization has a “backup” communications plan in case your primary communications channel goes down.

Can your business survive a Google Workspace or Microsoft 365 outage? If you are hit by ransomware and your intranet goes down, can people figure out how to communicate with each other? Chances are good that you’d have major issues and friction today, but you could reduce those dramatically by designating one official backup channel and ensuring critical staff all know how to use it in the event of an outage.

Want to read more about the worst hack in American History & Salt Typhoon?

The Salt Typhoon Telecom hack has been going on for 2+ years and is still going on - https://www.washingtonpost.com/technology/2024/12/03/china-hack-salt-typhoon-telecom/

© Copyright 2025. All rights reserved, PathPractical.