Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Salt Typhoon. Show all posts
United States
Cyber Security Cyberespionage FBI Salt Typhoon Telecommunication United States

US Telecoms Warned of Chinese Cyber Espionage Threat

 


The White House recently brought together U.S. telecommunications executives to discuss a cyberespionage campaign attributed to Chinese-backed hackers. The attacks have been described by experts as the "worst telecom hack in U.S. history," compromising major telecom providers and targeting national security intelligence.

According to reports, the FBI said several breaches had occurred at telecommunications companies where attackers made off with sensitive data including call records and communications that the hackers could access due to government-mandated backdoors. The intrusion, according to reports, was done by a group code-named Salt Typhoon that has connections to China's Ministry of State Security. It is said to have engaged in espionage activities against officials from U.S. presidential campaigns.

The key telecom providers like AT&T, Verizon, and Lumen have been listed as victims of this cyberattack. Recently, T-Mobile has also revealed that its networks have been breached, though it claimed no customer data was compromised. The hackers did not only target U.S. companies but also stretched their reach to allied nations whose identities remain undisclosed.

Senator Mark Warner, chair of the Senate Intelligence Committee, called these attacks some of the most serious he's seen. He reported that the FBI had informed fewer than 150 people - mostly in Washington - whose communications were compromised. Some telecom companies are still working to get the attackers out of their networks, showing just how persistent these intrusions are. 


Techniques and Long-Term Goals

Salt Typhoon uses advanced tactics to infiltrate systems and maintain long-term access. They include vulnerability exploitation in common devices like Cisco routers and Microsoft Exchange servers. Researchers also found that this group uses legitimate tools to carry out their malicious activities, hence making it challenging to be detected.

Since at least 2020, this group has targeted not only the U.S. but also nations such as Brazil, India, and Taiwan. Their primary focus remains on gathering intelligence from telecommunications networks, government systems, and military organizations.

To mitigate such attacks, the FBI and CISA have been offering technical support to victims. U.S. Cyber Command has amplified operations aimed at disrupting the ability of Chinese cyber actors globally and, consequently, reducing the incidence and impact of such attacks.

This has also raised fears about broader objectives, including possible disruption of Western infrastructure in case tensions over Taiwan or any other issue are to rise further. According to FBI Director Christopher Wray, "China's hacking capabilities are larger than those of any other nation and present a significant challenge to our nation's cybersecurity defenses.".

In response to the growing threats, the Senate has scheduled a classified briefing in December to discuss further measures. The meeting underlines the urgent need to strengthen cybersecurity across critical sectors.


Read more »
Salt Typhoon
China Cyber Attacks Cyberattack Cybersecurity Data Breach FBI Hacking internet providers Routers Salt Typhoon

Chinese Government-Linked Hackers Infiltrate U.S. Internet Providers in 'Salt Typhoon' Attack

 

Hackers linked to the Chinese government have reportedly breached several U.S. internet service providers, according to The Wall Street Journal. Investigators are calling the cyberattack "Salt Typhoon," which occurred just a week after the FBI dismantled another China-backed operation called "Flax Typhoon." That attack targeted 200,000 internet-connected devices such as cameras and routers.

In the Salt Typhoon incident, hackers infiltrated broadband networks to access sensitive information held by internet service providers. Sources close to the matter told WSJ that unlike past attacks focused on disrupting infrastructure, this one seems to be aimed at gathering intelligence. FBI Director Christopher Wray had warned at the Aspen Cyber Summit that China would persist in targeting U.S. organizations and critical infrastructure, either directly or through proxies.

Chinese cyberattacks have been ongoing, but their complexity and precision have escalated, intelligence officials told the WSJ. Earlier this year, Wray described China's hacking program as the largest in the world, surpassing all other major nations combined.

China has denied involvement in these attacks. Liu Pengyu, spokesperson for the Chinese embassy in Washington, accused U.S. intelligence agencies of fabricating evidence linking China to the Salt Typhoon breach.

The WSJ report revealed that investigators are focusing on Cisco Systems routers, though a Cisco spokesperson said there is no evidence of their involvement. Microsoft is also looking into the attack. Lumen Technologies, the parent company of CenturyLink and Quantum Fiber, recently detected malware in routers that could expose customers' passwords but did not specify which ISPs were affected.

Although there's no indication that individual customers’ data was the target, you can take basic precautions:

  • Change your passwords regularly—especially your Wi-Fi router's password.
  • Consider identity theft protection services, which monitor your credit and banking activity.
  • Review your credit reports regularly to catch any suspicious activity.
Read more »
Subscribe to: Posts (Atom)