Source – The hacking operation, which investigators dubbed Salt Typhoon, buried into US broadband networks in an effort to establish a foothold within the infrastructure and access sensitive data stored by telecommunications companies or launch damaging cyberattacks.
The Washington Post reported on similar efforts last month.
Beijing has been ramping up its cyberhacking capabilities in recent months. US officials last week said they disrupted a network of more than 200,000 routers, cameras, and other internet-connected devices that a Chinese hacking team, dubbed Flax Typhoon, had infected with malware.
Another operation called Volt Typhoon sought to infiltrate ports and water and power utilities that could disrupt the US’ ability to move troops, weaponry, and supplies to Taiwan in case of an armed conflict.
“The cyber threat posed by the Chinese government is massive,” FBI Director Christopher Wray said earlier this year. “China’s hacking program is larger than that of every other major nation, combined.”
“This would be an alarming — but not really surprising — expansion of their malicious use of cyber to gain the upper hand over the United States,” said Glenn Gerstell, former general counsel at the National Security Agency.
He added that China had long depended on cyber theft to steal industrial or military secrets before quietly establishing itself within critical U.S. infrastructure.
“Now it seems they are penetrating the very heart of America’s digital life, by burrowing into major internet-service providers,” he said.
Sources told the WSJ that investigators are probing whether the hackers got access to Cisco Systems routers, and that Microsoft is looking into the intrusion and what sensitive information may have been accessed.
The report is the latest bit of bad news in a year dominated by high-profile cyberattacks on the country’s ports, automotive sector and healthcare system.
In the wake of these incidents, PYMNTS wrote last week, cybersecurity has become a chief concern for organizations of all sizes, serving as a brutal reminder that no company, no matter its size or resources, can escape cyber threats.
“These breaches have not only exposed millions of personal data records but also revealed vulnerabilities in the systems used by businesses and their service providers,” that report said. “As cyberattacks grow in frequency and sophistication, the responsibility to reduce the attack surface — the totality of vulnerabilities that hackers could exploit — is increasingly falling on businesses and their service providers.”
