Salt Typhoon
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon. The ruling came in January 2025 and took effect immediately under the Communications Assistance for Law Enforcement Act (CALEA), in response to Salt Typhoon’s breaching multiple […]
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon global hacking campaigns to three China-based technology firms. According to the joint advisories [NSA, NCSC], Sichuan Juxinhe Network Technology Co. Ltd., Beijing Huanyu Tianqiong Information Technology Co., and Sichuan Zhixin Ruijie […]
Chinese hackers breached National Guard to steal network configurations
The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks. Salt Typhoon is a Chinese state-sponsored hacking group that is believed to be affiliated […]
Canada says Salt Typhoon hacked telecom firm via Cisco flaw
The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored ‘Salt Typhoon’ hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February. During the February 2025 incident, Salt Typhoon exploited the CVE-2023-20198 flaw, a critical Cisco IOS XE vulnerability allowing remote, unauthenticated attackers to create arbitrary accounts and gain admin-level privileges. The flaw […]
Telecom giant Viasat breached by China’s Salt Typhoon hackers
Satellite communications company Viasat is the latest victim of China’s Salt Typhoon cyber-espionage group, which has previously hacked into the networks of multiple other telecom providers in the United States and worldwide. Viasat provides satellite broadband services to governments worldwide and aviation, military, energy, maritime, and enterprise customers. Last month, the telecom giant told shareholders that it […]
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide. In October, the FBI and CISA confirmed that the Chinese state hackers had breached multiple telecom providers (including AT&T, Verizon, Lumen, Charter Communications, Consolidated Communications, and Windstream) and many other telecom companies […]
Chinese hackers use custom malware to spy on US telecom networks
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. Salt Typhoon (aka Earth Estries, GhostEmperor, and UNC2286) is a sophisticated hacking group active since at least 2019, primarily focusing on breaching government entities and telecommunications companies. […]
Chinese hackers breach more US telecoms via unpatched Cisco routers
China’s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. Recorded Future’s Insikt Group threat research division states that the Chinese hacking group (tracked Salt Typhoon and RedMike) has exploited the CVE-2023-20198 privilege escalation and CVE-2023-20273 Web UI command injection vulnerabilities. These ongoing attacks have […]
FCC orders telecoms to secure their networks after Salt Tyhpoon hacks
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year’s Salt Typhoon security breaches. Today’s action comes after FCC Chairwoman Jessica Rosenworcel said in early December that the FCC would act “urgently” to require U.S. carriers to secure their systems from cyberattacks. “We now have a choice to make. We […]
Chinese hackers also breached Charter and Windstream networks
More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. This comes after AT&T, Verizon, and Lumen confirmed on December 30 that they have evicted the hackers from their networks. After breaching their networks, the Salt Typhoon hackers gained access […]