Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Salt Typhoon is behind one of the largest hacking campaigns in recent years, targeting some of the world’s largest phone and internet companies and stealing tens of millions of phone records belonging to senior government officials.
The hacking group, attributed to China, is part of a broader group of hackers with the collective goal of helping China prepare for an eventual war with Taiwan, according to the British newspaper “Daily Mail”. Researchers. American officials did Named China’s potential invasion of Taiwan poses an “era-defining threat.” Much of the group’s efforts have focused on: Hacking Cisco routers On the edge of the company’s network to break into and Controlling surveillance devices Which US telecom companies are legally required to install to allow law enforcement to monitor calls and messages.
While Salt Typhoon focuses on hacking communications infrastructure, other hacked groups in China such as Volt Typhoon are preparing for devastating cyberattacks capable of causing widespread disruption, and Flax Typhoon runs a botnet of hijacked Internet-connected devices to hide malicious Internet traffic to hackers.
But Salt Typhoon is by far one of the most prolific hacking groups in recent years, including targeting some major US phone companies.
The hacks allowed China to obtain call logs, text messages, etc Phone audio was picked up from senior US officialsMany of them are considered targets of government interest. This prompted the FBI to urge the Americans Switch to end-to-end encrypted messaging appsFor fear that a foreign adversary might eavesdrop on their communications.
Salt Typhoon went even further, pirating At least 200 companies Worldwide, according to FBI officials. The list of affected countries is constantly growing.
here countries Which attributed the breakthroughs to Salt Typhoon.
US
Some of the best American phone companies, Including AT&T and Verizonwas confirmed to have been hacked by Salt Typhoon, as well as ISP CenturyLink (Now the cavity). T-Mobile said He was targeted But the hackers were unable to access her customers’ calls, texts or voicemails.
Satellite communications giant Viasat It was also compromised, allowing hackers to access tools used by law enforcement to access other people’s communications.
Internet and data providers Charter Communications (Spectrum) and Windstream They were also named victims of Hurricane Salt. Giant Unified Communications Fiber Network It is said to have been hacked As part of the campaign.
Hackers didn’t just target phone and internet service providers. per numerous ReportsSalt Typhoon hacked into one US state’s National Guard networks, allowing them to steal data and access other networks in every other US state and many regions.
North and South America
according to Future registered security companyIts researchers saw Salt Typhoon targeting Cisco devices linked to universities in Argentina, Mexico and elsewhere.
At the same time, Canadian government It confirmed that its major telecommunications companies had been hacked by China as part of Salt Typhoon’s expanded espionage campaign. Canada also confirmed that several Cisco routers at one of the telecom giants were hacked to steal data from the company.
The government in Ottawa warned that it believes that targeting companies is “broader than just the telecommunications sector.”
Trend Micro She said she witnessed Salt Typhoon activity in Brazil, the most populous country in South America.
Asia, Africa and Oceania
Recorded future It said it had seen Salt Typhoon target at least one telecom company in Myanmar, Mytel, via compromised Cisco routers, as well as a telecom provider in South Africa. It has also seen attacks targeting university routers via it Bangladesh, Indonesia, Malaysia, and Thailand.
Japan has it too He warned of the danger of hurricane salt to its networks.
both Australian governments and New Zealand They say they have seen Salt Typhoon activity in their critical communications and infrastructure sectors. New Zealand said it had also detected Salt Typhoon hackers in the government sector, as well as transport networks, housing and military infrastructure.
Trend Micro It also said it found at least 20 compromised organizations in the communications, consulting, chemicals and transportation sectors, as well as government agencies and non-profit organizations in various countries, including Afghanistan, Eswatini, India, Taiwan and the Philippines.
Europe
The British government has confirmed that a “range of activity” from Cyclone Salt was seen across the UK. While the activity is not specified, News reports indicate That senior UK government employees may have had their phone records tapped and text messages read.
Norway has The Salt Typhoon hack has also been confirmed Many organizations in the country.
Dutch authorities in the Netherlands say there are many smaller ISPs and web hosts She was targeted They had access to routers, but their internal networks were not compromised.
Italian ISP hacked, per Recorded future.
And according to Czech cybersecurity officialsIncidents related to Salt Typhoon intrusions have been seen in Finland and Poland.