Chinese Hackers May Have Accessed the Phone Data of Donald Trump and JD Vance

An anonymous source has told CNN and the New York Times that Chinese hackers have targeted the phones of Donald Trump and JD Vance, but it is unclear if they were successful in compromising them. Another unnamed source has said that this is part of a broader espionage campaign by China and that phone data from the Harris/Walz campaign and the Biden administration has also been targeted.

Chinese hackers have attempted to interfere in US elections before and have generally been thought to favor Democratic candidates, perceiving their foreign policy as more favorable. However, there is no clear indication that China is playing favorites in this election. Anonymous official sources have spoken out before, claiming that this year’s free-ranging espionage campaign is seeking phone data from senior officials and leading candidates regardless of party affiliation, but thus far the only confirmed breaches have been of members of the Trump campaign.

Chinese hackers may have leveraged telco access to target Trump

The activity of the Chinese hackers may be tied to reports from about a month ago that found AT&T, Verizon and Lumen had been breached by highly skilled nation-state actors. The hackers were previously known to have targeted the “lawful intercept” systems that law enforcement agencies use during court-ordered investigations, but also may have used their telco access to target the phone data of Trump and Vance among others.

The telcos have yet to comment on the issue. The sources say that the House and Senate intelligence committees have been briefed, and that the House Homeland Security Committee has opened an investigation. The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have also issued a statement indicating that an investigation of the Chinese hackers is underway; one of the inside sources says that Microsoft and Google’s Mandiant security teams are assisting.

Official sources have also said that Eric Trump and Jared Kushner were specifically targeted for phone data, as well as staff members of Senate Majority Leader Chuck Schumer. One of the anonymous sources told CNN that the FBI has been privately contacting those who have had their phone data targeted, and that some targets may have been breached for multiple months.

The Chinese embassy in Washington denied any knowledge of hacking, as it usually does, and said that the nation had no intention of interfering in the US election. Officials believe that this latter claim may actually be true, as thus far the Chinese hackers have appeared more focused on general intelligence gathering.

Still unclear how much phone data was actually stolen

As the investigation continues, it remains unclear exactly what sort of phone data (if any) was taken. But the length, seriousness and opaqueness of the investigation suggest there will eventually be a reveal of some sort of compromise. Donald Trump was famously chastised by the media repeatedly during his term as president for refusing to give up his personal phone so that he could continue to use his civilian social media accounts, with this even coming up as an item during the 2019 impeachment proceedings. However, the concern has not been so much the texts that Trump sends but the fact that he made phone calls to foreign leaders and diplomats from his personal phone out of convenience during his term.

The inside sources have thus far only said that about 40 people, in addition to Trump and Vance, have been targeted by the Chinese hackers to date. The attackers were likely using their access to Verizon to attempt to compromise Trump and Vance but may well be using their access to other telcos and ISPs for other targets. It is very likely that there will not be further solid information until after the election.

The Trump campaign has been previously targeted and breached by state-backed hackers this year, but those attacks have been attributed to Iran. The one confirmed breach was attributed to a team that works for the Revolutionary Guard Corps, and three of the hackers were charged with attempting to disrupt the election. Those hackers stole emails from Trump staffers and sent them to Biden campaign staffers. Trump also saw a boost to his assigned security detail after credible threats on his life were found to be coming from Iran. The America First Policy Institute, a conservative think tank tied to the Trump campaign, was also reported to have been targeted by a state-backed group.

Even if the Chinese hackers were not able to directly siphon phone data, the access that they had to Verizon and AT&T points to an ability to collect less-secure metadata.

David Wiseman, Vice President of Secure Communications for BlackBerry Cybersecurity, notes that this could also present a substantial threat: “This scenario exposes vulnerabilities in telecommunications infrastructure and raises concerns about the effectiveness of current cybersecurity measures. Metadata generated by communications via ‘free’ apps for voice calls and messaging can be easily traded, fueling ‘wire-tapping-as-a-service’ markets that are readily available for purchase on the internet. This underscores the harsh reality that trust placed in uncertified apps does not extend to what happens with your metadata. The solution lies in cryptographic authentication, which is crucial for ensuring secure communication channels and preventing identity spoofing, identity fraud, and deepfakes. Governments and campaign teams must prioritize secure, military-grade communication solutions that ensure full sovereign control over data to prevent eavesdropping, unauthorized access and espionage. This will significantly enhance the protection of sensitive information and national security and help uphold the integrity of democratic processes.”