BlackBerry Blog

Salt Typhoon and the Lesson of Carrier Trust: Why Protected Communication Environments Matter

Salt Typhoon Exposed the Limits of Carrier Trust

Recent disclosures from the U.S. Federal Bureau of Investigation (FBI) about the “Salt Typhoon” espionage campaign show the attack was larger than first believed. What began as a breach of U.S. telecom networks is now known to have extended to more than 80 countries. Attackers captured over a million call records and gained visibility into the calls and text messages of a minority of high-profile individuals.

They also accessed lawful intercept systems. These systems are intended for authorized court oversight. When misused in this way, they exposed large volumes of communications metadata — the details around conversations, such as who called whom, when, for how long, and from where. In some cases, the content of calls and texts for certain individuals was exposed.

Metadata might seem like an abstract concept but combined with even a small amount of captured content, it reveals detailed insight into how leaders, executives, and individuals connect and operate. This context shows the potential impact of Salt Typhoon. To make it tangible, consider the following theoretical scenario where access to call records, metadata, or content could affect operations.

Government Operations

A cabinet official coordinating energy negotiations abroad may assume calls are private. However, exposed call records and locations can reveal who was consulted, when key decisions happened, and where the official traveled. If conversations are captured, the negotiation itself could be at risk.

Corporate Leadership

A CEO of a critical infrastructure company discusses mergers and supply chains. Even without listening to the calls, knowing the timing and partner data reveals business priorities. If conversations are intercepted, competitors or hostile actors could use this information to gain an advantage.

Personal Exposure

For individuals, metadata can map routines and daily activities. For journalists, it may expose confidential sources; for activists, it can reveal networks and meeting points. For high-profile leaders using personal devices, it can reveal travel patterns, contacts, and sensitive discussions.

History demonstrates how powerful metadata can be. In counterterrorism operations, phone records can be used to track people, map relationships, and in some cases even guide major decisions, about drone strikes. The key point is clear: if metadata can provide guidance to such a degree, leaving it exposed puts governments, enterprises, and individuals at real risk.

We may never know the full consequences of Salt Typhoon, other than it was far reaching.

Why Carriers Alone Aren’t Enough

Salt Typhoon also highlights that relying solely on carrier networks for connectivity cannot guarantee sovereign assurance. Even the best networks can be infiltrated or abused.

  • Telecom infrastructure can be attacked. When routers or connected devices are compromised, adversaries gain entry into the carrier backbone.
  • Intercept systems can be misused. Oversight tools meant for lawful monitoring can be turned into tools for espionage.
  • Metadata exposure is broad; content exposure is targeted. Call records and location data reveal patterns of communication, and in some cases even the conversations themselves.

Placing blame on the carriers is not the solution. The focus must be on building secure environments that stay protected even if the underlying network is compromised. In these environments, sensitive conversations, leadership decisions, and crisis coordination take place with validated assurance, independent of the carrier layer.

Where Consumer Messaging Apps Fall Short

Most consumer messaging apps market “end-to-end encryption” suggesting they secure everything. In reality, it only protects one part of the problem: scrambling message content while it travels across the network. That leaves major gaps:

  • Metadata exposure. Details like timing, frequency, and location are still visible. This allows adversaries to map relationships and routines.
  • Control gap. External companies manage the infrastructure, leaving organizations with a lack of authority over data storage, key management, and system changes.
  • Identity risk. Anyone with a phone number can join. Without cryptographic enrollment, unverified users may access sensitive conversations.
  • Device compromise. If a device is lost, stolen, or infected, it can leak sensitive data. Consumer apps lack secure containers or policy enforcement.
  • Continuity risk. Apps work only as long as public internet paths are available. If carriers are disrupted or blocked, secure communication stops.

This means consumer apps may protect messages in motion but leave the wider communications environment exposed. Addressing these gaps requires something more comprehensive.

What Makes BlackBerry Different

BlackBerry® Secure Communications is built to protect critical conversations, even when underlying carrier networks are compromised. It creates secure environments above the carrier layer, protecting the entire communications system — not just the message in motion. Key features include:

  • Metadata shielding – Conceals identifiers, routing data, and communication details such as timing and location. This reduces the intelligence value of intercepted traffic.
  • Sovereign control – Customers own and manage encryption keys, infrastructure, and policies. Systems can be deployed on-premises, air-gapped, or in sovereign-managed clouds.
  • Identity assurance – Enrollment is cryptographic, not just tied to a phone number. Only verified users and approved devices can join, preventing unauthorized access.
  • Device resilience – Secure containers, encryption at rest, and policy enforcement protect communications even if a device is lost, stolen, or compromised. Access can be revoked instantly.
  • Continuity when networks are at risk – Any phone can make a call in a crisis. BlackBerry ensures those calls remain trusted across 5G, Wi-Fi, satellite, or sovereign networks, even if public carriers are degraded, disrupted, or compromised.

Independent validation is the final piece that makes BlackBerry different. Security claims must be proven, not just stated. BlackBerry undergoes independent testing against the standards required by governments and critical industries, providing assurance that protections hold up under the toughest scrutiny.

With these measures, BlackBerry offers the kind of assurance that neither carriers nor consumer apps can deliver on their own.

The Takeaway from Salt Typhoon

Salt Typhoon is a reminder that connectivity does not equal security. We cannot change the motives of adversaries, and even the best carrier networks can be compromised. While consumer apps only address part of the problem, real protection comes from changing the communications operating environment. This is done by building secure environments that insulate conversations from risk and stay trusted—even when the network underneath is compromised.

BlackBerry Secure Communications provides assurance for governments and critical sectors — safeguarding the conversations, decisions, and operations that matter most.

David Wiseman

About David Wiseman

David Wiseman is Vice President of Secure Communications at BlackBerry, providing governments and highly secure enterprises, such as defense and critical infrastructure, with BlackBerry’s leading communications technologies. With over 25 years of experience in software, security, mobility, and information management, David has worked with global industry leaders to deliver innovative solutions that enhance their security posture, and drive business outcomes.