Verizon and AT&T, two of the largest US telecom companies, have announced that they have successfully contained a cyberattack linked to the China-backed Salt Typhoon hacking group. The attack, which was first reported in October, targeted a small number of high-profile government customers, aiming to gather intelligence on US citizens.

In a statement to TechCrunch, Verizon spokesperson Richard Young confirmed that the company has "contained the cyber incident brought on by this nation-state threat actor" and has not detected any threat actor activity on its network "for some time." The containment was verified by a "highly respected cybersecurity firm," although the company declined to name the third-party firm.

Verizon's chief general counsel, Vandana Venkatesh, detailed the company's response to the incident, stating that they "immediately" took several key actions to protect customers and the network, including partnering with federal law enforcement and national security agencies, industry partners, and private cybersecurity firms. After considerable work addressing the incident, Verizon reported that it has contained the activities associated with this particular incident.

AT&T also confirmed that it has secured its network after being targeted by the Salt Typhoon hacking campaign. According to Reuters, an AT&T spokesperson stated that the company detects no activity by nation-state actors in its networks at this time, and that the Chinese-backed hackers targeted a "small number of individuals of foreign intelligence interest."

This marks the first acknowledgment by Verizon and AT&T of being impacted by the Salt Typhoon campaign. US officials reported earlier this month that at least eight telecommunications providers had been targeted, including Lumen (formerly CenturyLink) and T-Mobile. On Friday, Anne Neuberger, deputy national security adviser for cyber and emerging technology, said a ninth victim had been identified, although the company's name was not disclosed.

Neuberger revealed that one of the nine telecoms breached involved an administrator account that had access to over 100,000 routers, highlighting the severity of the attack. The incident underscores the ongoing threat of nation-state cyberattacks and the need for vigilance and cooperation among private companies, government agencies, and cybersecurity firms to protect critical infrastructure and sensitive information.

The successful containment of the Salt Typhoon attack by Verizon and AT&T is a positive development, but it also serves as a reminder of the persistent and evolving nature of cyber threats. As the cybersecurity landscape continues to shift, it is essential for companies and governments to prioritize collaboration, information sharing, and proactive measures to stay ahead of emerging threats.

In the wake of this incident, it is crucial for telecommunications providers to re-examine their security protocols, implement robust threat detection and response strategies, and work closely with government agencies and cybersecurity experts to prevent future breaches. The incident also underscores the need for increased transparency and accountability in the cybersecurity sector, ensuring that companies are held to high standards of security and disclosure.

As the investigation into the Salt Typhoon campaign continues, it is likely that more details will emerge about the scope and impact of the attack. In the meantime, the successful containment of the incident by Verizon and AT&T serves as a testament to the importance of proactive cybersecurity measures and the need for sustained cooperation among stakeholders to protect critical infrastructure and national security.