Salt Typhoon Cyber Attack Strong Reminder to Use Encrypted Messages

December 20, 2024 by Smarsh

Government agencies around the world have announced that several major global telecommunications providers were compromised by a Chinese government-linked hacking group known as Salt Typhoon. Agencies involved in this joint statement include the:

  • Cybersecurity and Infrastructure Security Agency
  • National Security Agency
  • Federal Bureau of Investigation
  • Australian Signals Directorate’s Australian Cyber Security Centre
  • Canadian Cyber Security Centre
  • New Zealand’s National Cyber Security Centre

Why it matters

As we discover details of an ongoing global communications data breach, a multi-national cybersecurity report reminds enterprises to examine and strengthen their cybersecurity practices. This includes a thorough examination of the data protection capabilities of communications tools vendors, including their use of encryption and other access control features.

Are financial services organizations impacted by the Salt Typhoon cyberattacks?

The short answer is: yes — if you don’t take necessary precautions.

While the primary target appears to be political leaders, the joint report and guide advises major organizations and enterprises to strengthen their visibility and harden their network devices against exploitation by malicious cyber actors:

“Although tailored to network defenders and engineers of communications infrastructure, this guide may also apply to organizations with on-premises enterprise equipment. The authoring agencies encourage telecommunications and other critical infrastructure organizations to apply the best practices in this guide.”

Financial services organizations can’t ignore this global cyberattack, especially as more business communications take place over smartphones, mobile apps and text messages.

Individual employees need to do their part too, by using only approved tools (mobile devices and other communication or collaboration applications) for business-related communications.

Jeff Greene, executive assistant director of cybersecurity at the Cybersecurity and Infrastructure Security Agency, strongly urged Americans to “use your encrypted communications where you have it,” adding that “we definitely need to do that, kind of look at what it means long-term, how we secure our networks.”

But how does this square for financial services firms that must be able to capture and retain business-related communications?

How can firms supervise encrypted messages?

The compliance challenges of encrypted apps have been widely played out in the financial media in recent years. Firms have been — and continue to be — significantly fined for their communications-monitoring lapses and oversights of encrypted messaging apps like WhatsApp or WeChat.

But as we’ve previously noted, this isn’t because of the use of encrypted messaging apps themselves. Rather, it’s the limitations of a firm’s supervisory procedures, technology infrastructure or training practices.

By selecting proven providers that leverage hardened procedures, technologies, and expertise, firms can lessen the risk that critical business-related communications can be inadvertently exposed to the next Salt Typhoon crisis.

How can Smarsh help?

"With the recent Salt Typhoon hacking campaign and the FBI and CISA’s recommendation to switch to encrypted messaging, this is an opportune time for government agencies and companies of all industries to enable their employees to communicate with one another both confidentially and compliantly.

To move to encrypted apps for business communications, organizations will need to consider which technology providers integrate with encrypted apps to conduct communications archival, oversight, and security. This functionality is often a legal and regulatory prerequisite for government agencies and businesses in highly regulated industries like financial services.

If organizations support and provide encrypted messaging tools, employees are less likely to use them in an unsanctioned setting. Businesses that support secure communication tools now will be better positioned to navigate the evolving cybersecurity landscape and protect their most valuable asset — information."

-- Sheldon Cummings, Smarsh President & GM Corporate BU

Key to our mission to drive continuous innovation for a more intelligent future, Smarsh solutions are designed to help regulated organizations stay agile during times like these.

Smarsh solutions already align with these new CISA recommendations:

  • Smarsh capture solutions support various channels — including encrypted mobile messaging apps like WhatsApp and WeChat
  • Smarsh Enterprise Platform is a cloud-native archive solution, and our accredited information security program includes periodic risk assessment, threat modeling, and governance, together with regular application security testing and third-party reviews
  • Smarsh Cyber Compliance addresses your organization’s cybersecurity risk posture and easily monitors the security and compliance of devices, networks, users and vendors
  • Smarsh Vendor Risk Management monitors your vendors’ security and their access to your firm’s sensitive data
