Security
Headlines
HeadlinesLatestCVEs

Headline

US Telecom Breaches Widen as 9 Firms Hit by Chinese Salt Typhoon Hackers

The Wall Street Journal reports that Charter, Consolidated, and Windstream have been added to the growing list of…

HackRead
#vulnerability#microsoft#cisco#git#botnet#auth

The Wall Street Journal reports that Charter, Consolidated, and Windstream have been added to the growing list of US telecom companies breached by Chinese state-sponsored hackers in the Salt Typhoon campaign.

The list of telecommunications companies compromised in the Salt Typhoon cyberattack continues to grow, with recent reports naming Charter Communications, Consolidated Communications, and Windstream as the latest victims of Chinese government espionage.

This follows previous confirmations from AT&T, Verizon, T-Mobile, and Lumen Technologies, as earlier reported by Hackread.com, that their networks had been breached. According to Anne Neuberger, White House deputy national security adviser for cyber and emerging technologies, Chinese hackers have targeted nine US telecoms, with the latest three remaining unclear.

The Wall Street Journal reported that Chinese spies exploited vulnerabilities in network devices from Fortinet and Cisco to gain unauthorized access to these telecom networks. In some cases, attackers gained control of high-level network management accounts lacking multi-factor authentication, granting them access to several routers. This access allowed them to potentially monitor network traffic and cover their tracks.

This incident has prompted several government-level security developments. The US Department of Treasury recently sanctioned a Chinese cybersecurity company for its role in another cyberattack, and the US government is taking steps to strengthen the security of American telecom infrastructure.

These measures include increased scrutiny by the FCC, legislative efforts to enhance security, and recommendations for individuals and organizations to improve their cybersecurity practices.

Moreover, given the ongoing wave of Salt Typhoon’s breaches, the US Cybersecurity and Infrastructure Security Agency (CISA) is advising government officials to switch to end-to-end encrypted messaging apps like Signal.

The latest revelation highlights the growing threat of Chinese cyberattacks on US infrastructure, with the Salt Typhoon campaign indicating a shift from traditional espionage to more disruptive activities. Experts urge organizations in international business or critical infrastructure to enhance their cybersecurity defences.

Chris Hauk, Consumer Privacy Champion at Pixel Privacy commented on the latest development stating, Possible targets of these Chinese attackers need to immediately follow the steps outlined by the FBI and NSA to help harden their systems against attack. Actually, any organization would be advised to follow the steps.

Patching and upgrading apps and devices, limiting the types of connections and privileged accounts, and only using strong encryption, are just some of the steps organizations can take to harden their systems against attack,” Chris added.

  1. FBI Disrupts Chinese State-Backed Volt Typhoon’s KV Botnet
  2. CISA – FBI: Chinese Hackers Compromised US Telecom Networks
  3. US Charges 5 Suspected MGM Hackers from Scattered Spider Gang
  4. Microsoft: Chinese Flax Typhoon uses legit tools for cyber espionage
  5. Chinese Hackers Breach US Firm, Maintain Network Access for Months

HackRead: Latest News

Millions of Email Servers Exposed Due to Missing TLS Encryption