- Department of Homeland Security says Salt Typhoon opened National Guard Systems
- Hackers were present between March and December 2024
- The group stole vital intelligence and personally identifiable information
A Chinese state -sponsored threat actor known as Salt Typhoon lurked in the network of the US Army National Guard for nine months, the US government has confirmed.
TedePartment of Homeland Security (DHS) said attackers were present in the networks between March and December 2024.
During this period, the group stole sensitive data from its victims, including administrator information, network traffic charts, geographical maps and personally identifiable information (PII) of service members. Furthermore, attackers gained access to data traffic between the state’s network and any other US state and at least four additional territories. This means that they could also have turned to other networks and compromise on even more government and military goals.
Typhoon over America
It was not discussed how the violation happened, but DHS said the group was known for utilizing existing vulnerabilities (CVE) in Cisco’s routers and similar hardware.
Salt Typhoon is a well -known Chinese state -sponsored threat actor, part of the wider “Typhoon” organization that includes groups such as Messing Typhoon, Volt Typhoon and others.
These organizations were tasked with infiltrating various core organizations in the United States, such as critical infrastructure organizations, communication companies, government, military and defense organizations and the like.
The goal of the campaign was to be present in the networks whose US -China tensions over Taiwan escalate into a full -blown war, giving it the opportunity to disturb networks and steal key information.
Salt Typhoon is often in the media – with recent attacks against like AT&T, Verizon, Lumen, Charter, Windstream and Viasat, to name a few who often abuse the Cisco -Roumers to access before implementing custom malware such as jumblepath and ghost spider.
Via Bleeping computer
