- Security Agency Issuing Common Statement Warning Chinese Tech Company can indirectly collaborate with Salt Typhoon
- Salt Typhoon is a hacking group behind several high -profile attacks
- Group is believed to have serious connections to the Chinese government
A new joint cybersecurity advice from the National Security Agency (NSA) and other agencies such as CISA, the UK’s NCSC, Canada’s CSIS, Japan’s NPA and many more appear to postpone advanced sustained threat (APT) actors assumed to be sponsored by the Chinese government.
According to the counseling, Chinese companies have provided products and services to China’s State Department and the military – which in turn are claimed, props with hacking groups.
These threat actors are targeted at infrastructure such as telecommunications, government, military, transport and energy agencies – specifically in a global hacking campaign linked to the notorious salt typhoon group.
Supplies components
“The data stolen through this activity against foreign telecommunications and ISPs (ISPs), as well as the entry into lodging and transport sectors, can ultimately provide Chinese intelligence services to identify and track their goals’ communication and movements around the world,” the counseling warns.
Some of the companies named in the counseling, such as Sichuan Juxinhe Network Technology Co. Ltd, has already been sanctioned for their ties to the group.
Other named companies include Beijing Huanyu Tianqiong Information Technology Co., Ltd. and Sichuan Zhixin Ruijie Network Technology Co., Ltd, all of which are believed to be connected.
The report also outlines specific threat hunting guidance and meals against these groups, especially in quickly patching units, monitoring unauthorized activity and tight device configuration.
Earlier in 2025, Salt Typhoon was discovered that performed a cyber -espionage campaign that violated several communications companies with hackers lingering inside US business networks for months.
The group was observed abuse of vulnerabilities in Microsoft Exchange servers, which enabled them to violate networks and exfiltrate data. A solution for this error has been available for years, but research suggests that nearly 91% of the 30,000 deposits remain unmet – which highlights the importance of implementing effective patch management software.
China has always strenuously denied any ties to this group and to other cyber-spyage campaigns.
