American officials have revealed an ongoing struggle to expel Chinese hackers from telecommunications networks, months after the espionage was first discovered. The campaign, attributed to a group called “Salt Typhoon,” has infiltrated major telecom carriers, particularly in the Washington region. The hackers have accessed sensitive data, including calling records and portals used for legal surveillance, potentially compromising counterintelligence operations.

Efforts remain incomplete: The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have worked with affected firms like AT&T and Verizon to enhance defenses, but full eviction remains elusive. Officials acknowledged that identifying the full extent of the breach could take years. The hackers’ ability to monitor government and political figures, including at least one individual linked to Donald Trump’s campaign, underscores the gravity of the attack.

China, which denies involvement, has a track record of integrating private-sector expertise into state-led cyber initiatives. The breach is consistent with Beijing’s broader pattern of exploiting any channel to bolster its intelligence capabilities, officials noted.

Infrastructure security gaps: The attackers’ methods have revealed vulnerabilities in critical infrastructure, with some networks still partially compromised. Recommendations for bolstering security include enhancing equipment logging and monitoring, especially for gear from companies like Cisco, which served as an entry point.

While U.S. agencies ramp up efforts to combat the intrusion, the incident underscores the persistent threat of state-sponsored cyberattacks. Officials emphasized that despite progress, the attackers’ reach remains global, and full containment is far from assured.