Expanded Telecom Breaches Highlight Ongoing Chinese Cyber Threat Recent reports from the Wall Street Journal have surfaced, revealing that telecom giants Charter Communications, Consolidated Communications, and Windstream have fallen victim to the widespread Salt Typhoon hacking campaign attributed to Chinese state-sponsored actors.

Growing List of Affected Telecoms

The Salt Typhoon operation, characterized by its penetration of US telecommunications infrastructure, has been confirmed to have compromised nine providers. These attacks were previously reported by Hackread.com to include major players like AT&T, Verizon, T-Mobile, and Lumen Technologies. Anne Neuberger, the White House deputy national security adviser for cyber and emerging technologies, noted the breaches' breadth, with the latest intrusions still being scrutinized.

Modus Operandi of the Hackers

According to the Wall Street Journal, the attackers exploited known vulnerabilities in Fortinet and Cisco network devices. They bypassed security protocols by taking over high-level network management accounts, often lacking multi-factor authentication. This level of access not only allowed them to surveil network traffic but also to erase any footprint of their activities.

Government Response

In response to this escalating threat, the US government has initiated several high-level security measures. The Department of the Treasury recently imposed sanctions on a Chinese cybersecurity company involved in a separate cyber endeavor, showcasing a firm stance on international cyber intrusions. Meanwhile, the Federal Communications Commission (FCC) is intensifying scrutiny over telecom security, backed by legislative pushes to fortify security protocols across the sector.

Broader Recommendations and Security Measures

The Cybersecurity and Infrastructure Security Agency (CISA) advises governmental personnel to adopt end-to-end encrypted messaging platforms, such as Signal, to mitigate risks. This advisory comes in the wake of attempts by Salt Typhoon hackers to transition from traditional espionage techniques to potentially more disruptive cyber activities. We stress the importance for potential targets of these incursions to adhere strictly to guidance from the FBI and NSA. This includes patching systems, upgrading software, restricting connections and privileged accounts, and utilizing robust encryption methods to safeguard sensitive data. As the Salt Typhoon campaign gains momentum, organizations, especially those involved in international business and critical infrastructure, are urged to bolster their cybersecurity frameworks to guard against complex intrusions.

The link has been copied!