Chinese-State Sponsored Group Breaches Global Telecoms Networks

A state-sponsored hacking group known as Salt Typhoon, operating on behalf of the Chinese Communist Party (CCP), has infiltrated the networks of multiple telecommunications companies worldwide, compromising the personal data of millions of Americans and conducting surveillance of communications, according to U.S. officials.

The FBI confirmed that it has already notified hundreds of U.S. victims, while counterparts in at least 80 countries have also been alerted to Salt Typhoon’s activity. The scope of the campaign underscores not only the privacy concerns for individuals but also the broader national security risks.

In response to the threat, the FBI and other global law enforcement agencies released a joint cybersecurity advisory. The advisory provides detailed technical guidance to help organizations detect, mitigate, and prevent attacks associated with Salt Typhoon.

The advisory notes that Salt Typhoon has been tracked under multiple aliases by researchers, including GhostEmperor, Operator Panda, RedMike, and UNC5807.

Salt Typhoon’s targeting goes beyond telecommunications, and also includes transportation, lodging, military infrastructure, and government networks. The group uses widely known software vulnerabilities and exploits network routers to establish entry into victim environments.

The FBI and its partners are urging those in critical infrastructure sectors to review the advisory and implement the recommended security measures.