Trump and JD Vance victims of a global cyberattack attributed to China: scope, keys and international reaction

Donald Trump and JD Vance, current president and vice president of the United States after the 2024 campaign, have been confirmed as the main targets of a cyberattack of unprecedented scope attributed to hackers sponsored by the Chinese State. This operation, allegedly led by the Salt Typhoon group, not only compromised the communications of top Republican leaders, but also affected senior Democratic officials, telecommunications companies and critical sectors in up to 80 countries in the last year.

‍

What did the attack consist of and what was the objective?

• According to reports from North American and European agencies, the Chinese government's “Salt Typhoon” hacker groups carried out a systematic assault on political campaigns, infrastructure, power grids, and the U.S. and global telecommunications ecosystem.
• Trump and JD Vance were attacked during and after the election campaign. The attackers would have accessed data on their mobile phones and sensitive communications, which could pose risks of espionage, blackmail or interference in democratic processes.
• The attack occurs in a context of increasing sophistication in State-sponsored cyberattacks, where the objective is no longer just strategic/governmental, but information control, mass surveillance and data collection to exploit global networks.

‍

International reach and coordinated reaction

• In addition to the Republican political elite, senior Democratic officials and members of the Biden administration were also affected, evidencing the indiscriminate and unprecedented nature of the attack.
• Cybersecurity agencies warn that the operation has been going on for several years and is part of an offensive affecting critical infrastructures (transport, energy, military and government networks) in more than 80 countries.
• In a joint statement, the US, the United Kingdom, Germany, Italy, Finland, Spain, Australia, Canada, Japan and South Korea have condemned the campaign and announced reinforcement of defensive measures, technical assistance and intelligence sharing.

‍

What do experts say about impact and motivations?

• Intelligence sources indicate that obtaining personal data, call patterns, messages and agenda from Trump and JD Vance could be used for influence operations, espionage or political manipulation campaigns.
• Access to telephone and communication networks would allow China to monitor opponents, activists, diplomats and facilitate more sophisticated surveillance and disinformation operations.
• The case shows that hybrid attacks (which combine political, economic and technological espionage) are now part of the usual arsenal of major geopolitical actors.

‍

Key recommendations in the face of the new scenario

• Immediate reinforcement of security measures in sensitive communications and software updates on mobile devices for strategic personnel.
• Implementation of detection and early warning systems for anomalous activity in critical infrastructures and political campaigns.
• International collaboration to investigate incidents, share tactics, indicators and protocols, and prevent future infiltrations.
• Specific training in political cybersecurity, especially for teams and leaders who are campaigning or with access to confidential information.

‍

🛡️ Contact Apolo Cybersecurity and access advanced consulting to protect your most sensitive information

The cyberattack on Trump and JD Vance evidences the escalation and sophistication of state espionage and the digital war between powers. Western democracies must strengthen both their technical capacities and their global collaboration to shield their institutions and processes against the new paradigm of cyberthreats.

Do you want to prepare your organization to face state cyberattacks?

‍