Among the multiple stories over the last few weeks about Chinese intelligence and hackers either attempting to, or outright gaining access, to U.S. cell phone networks (with reports stating President Trump and his team were targeted), comes news of a hack of T-Mobile’s network.

T-Mobile’s network was reportedly breached in a Chinese cyber-espionage campaign targeting multiple U.S. and international telecom companies, according to the NY Post, citing the Wall Street Journal.

Hackers tied to a Chinese intelligence agency accessed the network to spy on high-value intelligence targets, though the timing of the attack was not disclosed.

The NY Post, citing WSJ, wrote that the extent of data taken from T-Mobile customers remains unclear.

The FBI and CISA recently revealed that China-linked hackers intercepted surveillance data meant for U.S. law enforcement after breaching several telecom firms.

Earlier reports indicated that Chinese hackers accessed networks of broadband providers, including Verizon, AT&T, and Lumen, extracting data from systems used for court-approved wiretapping.

“T-Mobile is closely monitoring this industry-wide attack,” a spokesperson for the company said. “At this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information.”

Sure.

The company was also working with “leading external experts” to fix the issue, a spokesperson said in an emailed statement.

The attack appeared to impact business operations at the company’s north Houston campus, as well as some global connectivity networks, the person said, who declined to be identified because they were not authorized to speak on the record.

The company has asked some staff not to connect to internal networks, the person said. -RTRS 

Halliburton has neither confirmed nor denied the cyber incident but acknowledged an issue affecting some of its systems.

A company spokesperson told CNN:

“We are aware of an issue affecting certain company systems and are working diligently to assess the cause and potential impact.”

“We have activated our pre-planned response plan and are working internally and with leading experts to remediate the issue.”

It’s unclear if the cyber incident is a ransomware attack.

In 2021, the ransomware group DarkSide disrupted operations across the Colonial Pipeline network, which carries gasoline and jet fuel up and down the East Coast.

A notable cyber incident unfolded in June when software provider CDK Global sparked chaos for thousands of auto dealers across the US.

The cyber incident at Halliburton serves as yet another critical reminder that hackers could paralyze companies operating critical infrastructure, such as those in the energy sector, at any time.

Trump campaign spokesperson, Steven Cheung, declined to say if they had further information substantiating the campaigns’ suggestion that it was targeted by Iran.

Cheung said, “On Friday, a new report from Microsoft found that Iranian hackers broke into the account of a ‘high ranking official’ on the U.S. presidential campaign in June 2024, which coincides with the close timing of President Trump’s selection of a vice presidential nominee.”

According to Washington Examiner:

Former President Donald Trump’s campaign has reported it has been hacked, and Politico confirmed confidential memos from the campaign were sent to them.

“These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process,” Trump campaign spokesperson Steven Cheung said in a statement to the Washington Examiner.

Cheung did not provide confirmation to Politico for how he knew the hackers were from Iran.

The news outlet reported they received documents from a person who called themselves only “Robert” from an AOL email account, and the records included research on Sens. J.D. Vance (R-OH), and Marco Rubio (R-FL).

After the assassination attempt on Trump, reports emerged that there had been unrelated Iranian plots to kill the former president. In his statement to the outlet, Cheung referred to those reports as he accused Iran of this hacking.

Politico described in an article how they came into possession of the information and hinted at some of the data in it:

On July 22, POLITICO began receiving emails from an anonymous account. Over the course of the past few weeks, the person — who used an AOL email account and identified themselves only as “Robert” — relayed what appeared to be internal communications from a senior Trump campaign official. A research dossier the campaign had apparently done on Trump’s running mate, Ohio Sen. JD Vance, which was dated Feb. 23, was included in the documents. The documents are authentic, according to two people familiar with them and granted anonymity to describe internal communications. One of the people described the dossier as a preliminary version of Vance’s vetting file.

The research dossier was a 271-page document based on publicly available information about Vance’s past record and statements, with some — such as his past criticisms of Trump — identified in the document as “POTENTIAL VULNERABILITIES.” The person also sent part of a research document about Florida Sen. Marco Rubio, who was also a finalist for the vice presidential nomination.

The person said they had a “variety of documents from [Trump’s] legal and court documents to internal campaign discussions.”

Asked how they obtained the documents, the person responded: “I suggest you don’t be curious about where I got them from. Any answer to this question, will compromise me and also legally restricts you from publishing them.”

This is a breaking story and will be updated when more is known.

New reports warn that, following a spate of localized cyberattacks against health care facilities, federal officials and health systems are concerned that the next cyberattack target will be medical devices, including those in hospital rooms, at imaging centers and even inside patients’ homes.

“Hackers have especially targeted health systems for their valuable troves of patient data and in some cases have temporarily knocked systems offline, disrupting patient care,” Axios reported about the matter.

“But there are also a range of medical devices – such as MRIs, ventilators and pacemakers – that are potential targets, particularly when it comes to aging devices with outdated software.”

Though the cyberattack threat to medical devices is still largely theoretical, experts like Toby Gouker, an executive at privacy and security firm First Health Advisory, believe that it is only a matter of time before hackers figure out a way to break them virtually.

“It’s a real Achilles’ heel and a blind spot for health systems,” Gouker is quoted as saying. “What makes more money in a hospital than anything else? If you bring an MRI down, you can take a lot of health systems to their knees.”

(Related: Some people believe that communist China is planning a cyberattack to take down America.)

Government watchdog calls on FDA to expand cybersecurity of medical devices

The U.S. Government Accountability Office (GAO) is calling on the U.S. Food and Drug Administration (FDA), which oversees medical devices, to work more closely with the Cybersecurity and Infrastructure Security Agency to coordinate cybersecurity and medical devices in advance of a potential attack.

Both agencies have responded to the GAO’s call positively, stating that they, too, believe more needs to be done to protect medical devices from hacking attempts.

The GAO produced a report that says the vulnerabilities inherent to medical devices “still pose risks to hospital networks – and patients.”

As of last March, a new law requires all medical device manufacturers to submit plans for how to address any cybersecurity vulnerabilities inherent to their products. That law does not, it is important to note, affect any connected devices that are already on the market.

“Everything from your hospital bed to your infusion pump next to the bed, to the monitor next to the bed that’s measuring, monitoring your vitals, they’re all connected,” said Chelsea Arnone, director of federal affairs for the College of Healthcare Information Management Executives.

“Everything is online … so they’re all ostensibly hackable.”

Because many medical devices incorporate off-the-shelf software that, like all other software, is vulnerable to threats like viruses and “worms,” it is important that medical device manufacturers pay mind to this threat early on to avoid potential hacking problems later on down the road.

Up until the new law took shape and was signed into law, most medical device manufacturers offered little to no support in providing patches or other cybersecurity solutions to their customers, especially for older medical devices that no longer hold “blockbuster” status.

The name of the game for the medical device industry, just like with the pharmaceutical industry, is profits. And providing constant software support for older products means fewer profits, hence the need for legislation to force these companies to do the right thing.

One recent incident that illustrates the problem occurred in Russia after a hacker found a backdoor into a hospital’s medical device. The hospital was unable to take the product offline in order to isolate the problem, and when its employees contacted the company for assistance, they were told there is no fix.

“It’s just old school,” Arnone said about the incident. “You’re calling someone on the phone and waiting and trying to get the right person who can help you. It’s like the worst kind of customer support.”

More related news coverage can be found at CyberWar.news.

Sources for this article include:

• Axios.com
• NaturalNews.com
• GAO.gov

Today, it’s free speech video platform Rumble and their supporting project, Locals, that have been targeted. China is currently being blamed for the attack by some, but there are those who believe it is an attack by other elements who want free speech quashed.

Popular podcaster Viva Frei noted on Twitter:

I was planning to go live, but Rumble and Locals are down. Apparently it is a massive, unprecedented attack. One that is likely politically motivated.

If I have any updates, I will let everyone know.

Godspeed Rumble!

I was planning to go live, but Rumble and Locals are down. Apparently it is a massive, unprecedented attack. One that is likely politically motivated.

If I have any updates, I will let everyone know.

Godspeed Rumble!#RumbleUnderAttack

— Viva Frei (@thevivafrei) December 11, 2023

This was confirmed by Rumble CEO Chris Pavlovski:

I can confirm that this attack has been unprecedented and has been happening since this weekend.

I also suspect it is political, coming from activists and/or organizations who want to censor our creators, and related to J6 videos being posted on Rumble.

I can confirm that this attack has been unprecedented and has been happening since this weekend.

I also suspect it is political, coming from activists and/or organizations who want to censor our creators, and related to J6 videos being posted on Rumble. https://t.co/tGomVXxEzN

— Chris Pavlovski (@chrispavlovski) December 11, 2023

According to 100% Fed Up:

Online hackers affiliated with China’s People’s Liberation Army have infiltrated critical services in the United States, according to a report by The Washington Post.

Hackers reportedly targeted key services, such as power grids and ports.

“A utility in Hawaii, a West Coast port and a pipeline are among the victims in the past year, officials say,” the outlet wrote.

“It is very clear that Chinese attempts to compromise critical infrastructure are in part to pre-position themselves to be able to disrupt or destroy that critical infrastructure in the event of conflict,” Brandon Wales, Executive Director of DHS Cyber Security Agency, said.

Whoever is behind it, this attack is massive in scale and has the potential to spark long-term disruptions of sites, apps, and services across the internet.

Sound off about this news on my Substack.

This story is developing and will be updated when more information is available.

According to Techcrunch:

The exposed server was hosted on Microsoft’s Azure government cloud for Department of Defense customers, which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data. The exposed server was part of an internal mailbox system storing about three terabytes of internal military emails, many pertaining to U.S. Special Operations Command, or USSOCOM, the U.S. military unit tasked with conducting special military operations.

But a misconfiguration left the server without a password, allowing anyone on the internet access to the sensitive mailbox data inside using only a web browser, just by knowing its IP address.

Anurag Sen, a good-faith security researcher known for discovering sensitive data that has been inadvertently published online, found the exposed server over the weekend and provided details to TechCrunch so we could alert the U.S. government.

The server was packed with internal military email messages, dating back years, some of which contained sensitive personnel information. One of the exposed files included a completed SF-86 questionnaire, which are filled out by federal employees seeking a security clearance and contain highly sensitive personal and health information for vetting individuals before they are cleared to handle classified information. These personnel questionnaires contain a significant amount of background information on security clearance holders valuable to foreign adversaries. In 2015, suspected Chinese hackers stole millions of sensitive background check files of government employees who sought security clearance in a data breach at the U.S. Office of Personnel Management.

Security clearance data is among the most sought-after by our enemies. It allows foul players to compromise those who may have access to top secret information, plans, or technology. If any of our enemies exploited this vulnerability, the repercussions could be disastrous for years to come.

Since then, the deaths of other activists, including the recently reported death of 16-year-old Nika Shakarami, have only escalated the conflict. Now, the state-run news outlets has been hacked and briefly displayed a message against the Supreme Leader, Ayatollah Khamenei. According to Israel National News:

‘Iran International’ reported that the Edalat-e Ali “hacktivist” group hacked the Iranian state TV’s live news broadcast. The TV broadcast displayed a photo of Khamenei with the sentence, “The blood of our youth is on your hands,” along with photos of Mahsa Amini and three other girls killed in the recent “hijab” protests in Iran.

The photo called on the Iranian people to join the protests and become part of the uprising protesting Amini’s murder.

Amini, 22, died on September 16, three days after falling into a coma following her arrest in Tehran by the morality police for allegedly breaching the Islamic Republic’s strict dress code for women. According to Reuters, it is estimated that 150 people have been killed since the start of the protests three weeks ago.

On Friday, in a report published on state television and quoted by AFP, Iran’s Forensic Organization said that, “Mahsa Amini’s death was not caused by blows to the head and vital organs and limbs of the body.”

Watch, and take note of the brief reaction from the news anchor afterwards. He looks like he believes he’s going to be taken out by the IRGC at any moment:

The people of Iran are fighting for their freedoms and their lives. Meanwhile, the Biden-Harris regime has barely made a mention of the massive oppression, opting instead to go after pro-life activists in America.