Particle.news

U.S. and Allies Unveil Salt Typhoon Cyber-Espionage Campaign Hitting 80 Countries

Officials warn the Chinese-backed intrusions remain entrenched due to unpatched flaws in widely used network devices.


Overview

  • The 37-page joint advisory from the FBI, NSA, CISA and 12 partner nations formally attributes a years-long campaign known as Salt Typhoon.
  • U.S. agencies named Beijing Huanyu Tianqiong, Sichuan Zhixin Ruijie and Sichuan Juxinhe as companies that supported China’s intelligence services, with Juxinhe sanctioned in January.
  • The FBI said the hackers breached more than 200 companies across about 80 countries, and the bureau notified at least 600 organizations of targeting.
  • Targets included telecoms, government, transportation, lodging and military networks, with intrusions at AT&T and Verizon enabling potential access to calls, texts and location data for over a million people in the Washington, D.C. area.
  • Investigators say activity dates to at least 2019, exploiting CVEs in Ivanti, Palo Alto and Cisco gear, modifying routers for persistence, breaching lawful-intercept systems, and exfiltrating configuration data from U.S. entities including two state agencies.