""Active since at least 2019, these actors conducted a significant cyber-espionage campaign, breaching global telecommunications privacy and security norms," FBI cyber division boss Brett Leatherman said on Wednesday in a video message announcing the joint advisory. Earlier in the day, Leatherman told media outlets that Salt Typhoon targeted more than 600 organizations across 80 countries. The 37-page advisory includes indicators of compromise associated with Chinese government spies seen as recently as June, and says targeted sectors include, but are not limited to telecommunications, government, transportation, lodging, and military infrastructure networks."
""While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised devices and trusted connections to pivot into other networks," the US and its allies warned. "These actors often modify routers to maintain persistent, long-term access to networks.""
"The USA's FBI and CISA first alerted the public about Salt Typhoon's " significant cyber espionage campaign" late last year, and later warned the Chinese snoops' telco intrusions allowed them to geo-locate millions of subscribers, monitor their internet traffic, and " record their phone calls - with victims reportedly including " President Donald Trump and Vice President JD Vance.""
Salt Typhoon has conducted cyber espionage since at least 2019, targeting critical industries across many countries. The campaign compromised telecommunications infrastructure, enabling geo-location of millions of subscribers, internet traffic monitoring, and reported phone call recording of high-profile U.S. officials. A 37-page joint advisory and indicators of compromise link the activity to Chinese government-associated actors and note observations as recently as June. Reported targeting exceeded 600 organizations across 80 countries in sectors including telecommunications, government, transportation, lodging, and military infrastructure. The actors focus on backbone, provider edge, and customer edge routers and use compromised devices and trusted connections to maintain persistent access and pivot into networks.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]