FBI confirms Chinese hackers accessed US government official devices, networks


  • FBI and CISA confirm networks have been compromised by Salt Typhoon
  • Devices and networks used by government individuals also hit
  • The group also successfully breached a network used by US authorities

A joint statement from the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed “broad and significant cyber espionage campaign” with links to the People’s Republic of China successfully breached numerous commercial telecommunications organizations.

The infiltration of these communications networks, believed to be the group tracked as Salt Typhoon, has allowed the threat actors to gain access to customer call records data as well as the private communications of a limited number of individuals within the US government.

The joint statement has also confirmed the group managed to successfully infiltrate a US wiretap system used by authorities to submit requests pursuant to court orders.

ISPs and telecoms compromised by Salt Typhoon

In late September 2024, Salt Typhoon targeted several US internet service providers in a reconnaissance scan that is believed to assist in vulnerability hunting for potential use in later attacks. In early October 2024, it was also reported the compromise affected a number of telecommunications companies such as AT&T, Lumen Technologies, and Verizon.

Now, it appears that the issue is more widespread than first thought, with the Wall Street Journal reporting that the group may have had access “for months or longer,” citing people familiar with the matter.

This access may have allowed them to harvest “internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers.”

Salt Typhoon has also been targeting Canadian organizations, with wide sections of the government also subjected to reconnaissance scans, as well as “dozens of organizations, including democratic institutions, critical infrastructure, the defence sector, media organizations, think tanks and NGOs,” the Government of Canada said in a statement.

“The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector,” the joint statement concluded. “We encourage any organization that believes it might be a victim to engage its local FBI field office or CISA.”

Related posts

Necessity is the mother of invention: Huawei is pairing its supercharged SSD with a 60-year old piece of technology — seemingly because of US export restrictions

Here’s a great idea! MSI is giving away Microsoft 365 office suite with some of its laptops in Japan — so when will that be extended globally?

Android 16 could give Gemini more control over apps – and other AI upgrades are rumored too

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More