Despite sanctions and public exposure, Salt Typhoon continues to operate. Recorded Future documented new breaches of five additional telecom firms between December 2024 and January 2025. By August 2025, the FBI confirmed Salt Typhoon had hacked at least 200 companies across 80 countries.
“They exploited the wiretapping system that our law enforcement agencies rely on under the Communications Assistance for Law Enforcement Act — known as CALEA. These systems became an open door for Chinese intelligence. Salt Typhoon allowed the Chinese operation to track millions of Americans’ locations in real time, record phone calls at will and read our text messages.”
“So how did this happen?” she continued. “Senior national security officials said the breach occurred in large part because telecommunications companies failed to implement rudimentary — rudimentary! — cybersecurity measures. Investigators found legacy equipment not updated in years, router vulnerabilities with patches available for seven years — seven years! — that were never applied, and hackers acquiring credentials through weak passwords.”
The trusted transport layer is dead. Salt Typhoon, a Chinese MSS operation active since 2019, compromised nine major U.S. telecom carriers by exploiting fundamental identity failures. One administrator credential controlled 100,000 routers. Patches available since 2018 remained unapplied for years.
The attackers accessed CALEA lawful intercept systems. They surveilled over one million Americans in real time. They intercepted calls and texts of approximately 100 senior government officials.
This is an Identity Failure Layer collapse. The breach required no sophisticated zero-days. It required one over-privileged account, absent MFA, and years of ignored patches. CISOs are misdiagnosing this as telecom-specific. It is not. Every enterprise routes sensitive traffic through compromised networks. The transport layer your organization trusts is hostile terrain. Assume unencrypted communications are intercepted. Assume metadata is logged.
The mandated backdoor built for law enforcement became the adversary’s front door.
Friendly reminder that China has thoroughly hacked the telecom system through the Police Wiretapping systems in the biggest
and :i-told-you-dog: in recent history. Any surveillance system built here is, effectively, the US government building out China’s US spying capabilities without them lifting a finger.
:sit-back-and-enjoy:
Wow just like every expert and half-expert and non-expert who just thought about it for a second predicted. Wow.