Last year, a Chinese-backed hacking group calling themselves Salt Typhoon hacked the infrastructure of nine US-based telecommunication and internet providers. However, we haven’t really heard much from the group since then. If you thought they stopped, that’s wishful thinking. According to an FBI cybersecurity advisory, it has been revealed that Salt Typhoon has hacked at least 200 US companies.
FBI warns Salt Typhoon hacked 200 US companies
What makes these hacks a bit more worrying is that it goes beyond “traditional spying.” According to FBI Assistant Director Brett Leatherman, he told The Washington Post that the hackers were allowed to choose their own targets. This means that they might not necessarily be targeting specific US sectors, which could help narrow it down.
We’re talking about various industries ranging from transportation and even lodging. According to Leatherman, “This shows much more broad, indiscriminate targeting of critical infrastructure across the globe in ways that go well outside the norms of cyberspace operations.” The FBI Assistant Director also goes on to warn that these threats are still ongoing. He also states in the cybersecurity advisory video that, “Beijing’s indiscriminate targeting of private communications demands our stronger collaboration with our partners to identify and counter this activity at the earliest stages.”
Hackers still at large
The hacking group actually goes by several names. The Salt Typhoon moniker is a Microsoft terminology. It also appears to be comprised of several companies and so far, at least three private companies have been identified.
The joint advisory claims that these companies provided services to multiple units within China’s People’s Liberation Army and the Ministry of State Security. There is currently a bounty on the hackers, with the FBI offering a $10 million reward for information.
In the group’s last hack, it breached various telco and internet companies in the US. It stole call data logs and private communications. It even copied information from court-ordered US law enforcement requests.
