The Attack and Its Perpetrators
Salt Typhoon, also identified as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286, has been actively compromising government and telecom networks in Southeast Asia since at least 2019. The group’s latest known victim, an American telecom company, emerged after the Biden administration published new guidelines to assist organizations in detecting Chinese cyber intrusions. Anne Neuberger, White House deputy national security adviser for cyber and emerging technologies, highlighted the broader security implications. In a statement reported by Bloomberg, she noted, “China targets critical U.S. infrastructure, primarily within the private sector. Many companies still overlook essential defenses.” Neuberger emphasized the need for stringent security measures and accountability towards China.
Additional Security Concerns
Neuberger had previously informed the public in early December that eight U.S. telecom firms had been compromised. She gave assurances that no classified information appears to have been obtained, though a senior CISA official acknowledged that it remains uncertain whether the intruders have been fully expelled from these networks. In response to these breaches, the Cybersecurity and Infrastructure Security Agency (CISA) has advised high-ranking officials to use end-to-end encrypted communication apps like Signal. CISA has also provided recommendations for telecom administrators to enhance their defenses against Salt Typhoon.
Government Actions and Future Measures
In a related development, the New York Times reported that the Biden administration plans to end China Telecom's remaining U.S. operations due to their association with breaches. A ban on TP-Link routers is being considered if investigations conclude they pose a threat to national security. Furthermore, U.S. Senator Ron Wyden of Oregon has proposed new legislation to fortify the telecom infrastructure, complemented by FCC Chairwoman Jessica Rosenworcel’s commitment to mandate secured operations for U.S. carriers. These unfolding actions reflect a broader commitment to bolstering national cybersecurity and protecting critical infrastructure from ongoing foreign threats.