Ethical Hacking News
The China-linked Salt Typhoon APT has compromised more US telecoms than previously known, according to a recent report by The Wall Street Journal. This is part of a broader cyberespionage campaign aimed at telco firms worldwide, which has targeted government entities and telecommunications companies since at least 2019.
The Salt Typhoon APT group has compromised more US telecoms than previously known, according to a recent report by The Wall Street Journal. The group has targeted government entities and telecommunications companies across several dozen countries since at least 2019. China-linked cyberespionage group Salt Typhoon exploited vulnerabilities in network devices from security major vendors like Cisco and Fortinet. The US government is taking a proactive approach to address the threat posed by the Salt Typhoon group and other China-linked APT groups. A joint advisory was issued by several countries, including Australia, Canada, New Zealand, and the US, to warn of People's Republic of China-linked cyber espionage targeting telecom networks.
The cybersecurity landscape continues to evolve at an unprecedented pace, with new threats emerging every day. The latest development in this cat-and-mouse game is the revelation that China-linked Salt Typhoon APT has compromised more US telecoms than previously known, according to a recent report by The Wall Street Journal. This finding is significant, as it highlights the scope and sophistication of the cyberespionage campaign conducted by the Salt Typhoon group.
The Salt Typhoon APT group, also known as FamousSparrow and GhostEmperor, has been active since at least 2019 and has targeted government entities and telecommunications companies across several dozen countries. The latest development indicates that this group has expanded its reach to include more US telecoms than initially thought, further underscoring the threat posed by China-linked cyberespionage.
According to sources familiar with the matter, cited by The Wall Street Journal, the Chinese cyberspies exploited vulnerabilities in network devices from security major vendors, including Cisco and Fortinet. This is a concerning development, as it highlights the use of sophisticated tactics by the Salt Typhoon group to gain access to secure networks.
The White House official who confirmed that China-linked APT group Salt Typhoon has breached nine US telecoms companies last week stated that further steps are planned to curb cyberattacks from Beijing. This indicates that the US government is taking a proactive approach to address the threat posed by the Salt Typhoon group and other China-linked APT groups.
White House cyber adviser Anne Neuberger revealed that the new victim of China-linked APT was discovered after the Biden administration released guidance to detect their activity. This finding is significant, as it highlights the importance of proactive measures in detecting and responding to cyber threats.
The Salt Typhoon hacking campaign has targeted telecommunications providers in several dozen countries, according to a US official. The group has accessed extensive metadata from targeted Americans while seeking specific communications, focusing regionally on government and political figures. This is a concerning development, as it highlights the potential for sensitive information to be compromised by China-linked cyberespionage.
Recently, US carriers AT&T and Verizon reported that they have secured their networks after cyberespionage attempts by the China-linked Salt Typhoon group. Lumen also announced that it was locked out of its network due to an attempt by the Salt Typhoon APT group, but stated that it is not aware of a data breach.
Early December saw Australia, Canada, New Zealand, and the US issue a joint advisory to warn of People's Republic of China (PRC)-linked cyber espionage targeting telecom networks. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate's (ASD's) Australian Cyber Security Centre (ACSC), Canadian Cyber Security Centre (CCCS), and New Zealand's National Cyber Security Centre (NCSC-NZ) warn that People's Republic of China (PRC)-affiliated threat actors compromised networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign.
The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. This is a crucial development, as it highlights the importance of proactive measures in strengthening network security.
The government of Beijing denied responsibility for the hacking campaign. However, this denial does not necessarily negate the facts. The use of sophisticated tactics by China-linked cyberespionage groups like Salt Typhoon APT should not be underestimated.
In conclusion, the revelation that China-linked Salt Typhoon APT has compromised more US telecoms than previously known is a concerning development in the ongoing cybersecurity landscape. It highlights the scope and sophistication of the cyberespionage campaign conducted by the Salt Typhoon group and underscores the need for proactive measures to strengthen network security against PRC-linked threats.
Related Information:
https://securityaffairs.com/172724/intelligence/china-linked-salt-typhoon-breached-multiple-us.html
Published: Tue Jan 7 04:34:24 2025 by llama3.2 3B Q4_K_M
