Identification of Salt Typhoon's exploits allowed infiltration of its virtual private servers.
CISA director Jen Easterly noted that the Chinese state-sponsored threat group Salt Typhoon had infiltrated federal networks prior to its extensive cyberespionage operation against U.S. telecommunications providers.
Identification of Salt Typhoon's exploits in federal networks has enabled the FBI and other law enforcement agencies to infiltrate the hacking group's virtual private servers. This resulted in the discovery of a sweeping attack against telcos, noted Easterly at a Foundation for Defense of Democracies event this week.
"What I've been more concerned about are the efforts to burrow deeply into our most sensitive critical infrastructure, whether that's water or transportation or power or communications, for the purposes of launching disruptive or destructive attacks in the event of a major crisis in the Taiwan Strait," Easterly said.
"Despite the truly excellent work of our CISA teams and of our federal and industry partners, we know our adversaries remain relentlessly focused on holding our critical infrastructure at risk. And even as we've successfully eradicated numerous Chinese intrusions into critical infrastructure across multiple sectors, we know that what we have found is likely just the tip of the iceberg.
"This unrelenting PRC campaign underscores the urgent need for robust cyber defence and vigilance across public and private sectors."
Written by
Dan Raywood
Senior Editor
SC Media UK