Chinese hackers reportedly infiltrate several major US internet companies
Chinese hackers have reportedly broken into multiple internet service providers in the United States and are abusing their position to steal sensitive information and lay the groundwork for future attacks.
A study by the Wall Street Journalciting “people familiar with the matter,” the source did not name the compromised ISPs but said there were a “handful” of victims and that the group behind the breaches has been named Salt Typhoon.
Given its name, Salt Typhoon was quickly associated with other Chinese state-sponsored groups, all of which Microsoft referred to as “Typhoon”: Flax Typhoon, Volt Typhoon, and Brass Typhoon.
Paralyzing the American response
While these groups focus on different things and target different victims, the goal appears to be the same: steal sensitive information and disrupt critical infrastructure organizations in the U.S. These groups are reportedly working together to help the Chinese government achieve its geopolitical goals, including a potential invasion of Taiwan.
At the same time, Jeff Greene, Executive Assistant Director for Cybersecurity at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said: The register that the agency is aware of the reports of compromised ISPs, and has essentially said it’s business as usual, as China is known for these types of stunts:
“CISA and our partners continue to highlight the risk posed by Chinese state-sponsored cyber actors, who have compromised IT environments across multiple critical infrastructure sectors and organizations,” he said in a statement.
“We encourage all organisations to read our latest advice and guidance, including our joint Cybersecurity Advisory on identifying and mitigating cross-border living techniques, and take action where necessary.”
Via The register