Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Chinese hackers reportedly infiltrate several major US internet firms

A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag.

Chinese hackers have allegedly broken into multiple internet service providers (ISP) in the United States, and are using their position to steal sensitive information and lay the groundwork for future attacks.

An investigation by the Wall Street Journal, which cited “people familiar with the matter”, did not name the compromised ISPs, but did mention there has been a “handful” of victims, and that the group behind the intrusions has been dubbed Salt Typhoon.

Given the name, Salt Typhoon has quickly been linked to other Chinese state-sponsored groups, all of which Microsoft named ‘typhoon’ - Flax Typhoon, Volt Typhoon, and Brass Typhoon.

Crippling the US response

While these groups focus on different things, and target different victims, the goal seems to be the same - to steal sensitive information, and disrupt critical infrastructure organizations in the US. These groups are reportedly working in coordination to assist the Chinese government in achieving its geo-political goals, including a possible invasion of Taiwan.

At the same time, US Cybersecurity and Infrastructure Security Agency (CISA) Executive Assistant Director for Cybersecurity, Jeff Greene, told The Register that the agency is aware of the reports of compromised ISPs, and basically said it’s business as usual, since China is known for pulling these kinds of stunts:

"CISA and our partners continue to emphasize the risk posed by PRC state-sponsored cyber actors, who have compromised the IT environments across multiple critical infrastructure sectors and organizations," he said in a statement.

"We encourage all organizations to review our latest advisories and guidance, to include our joint Cybersecurity Advisory on identifying and mitigating living off the land techniques, and take action, as appropriate."

Via The Register

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.