Salt Typhoon: what the recent attack by China-linked hackers on the United States looked like

They denounce that the activities of the group based in the Asian country appear to be aimed at collecting intelligence information and confidential data.

A hacking campaign called Salt Typhoon penetrated some Internet service providers in USA for the purpose of accessing confidential information .

The agents behind this operation would be a group of hackers linked to the government of China as they assured The Wall Street Journal people who know the subject.

This type of operation would allow authors to access data stored by telecommunications companies, in addition to carrying out cyberattacks which could be very harmful.

According to sources on condition of anonymity, investigators They check if hackers had access to Cisco Systems routers .

A company representative assured that They carry out the corresponding expertise .

However, he stated on September 26 that “At this time, there is no indication that Cisco routers are involved.” in Salt Typhoon activities.

The sources too They said Microsoft was investigating the intrusion and what confidential information may have been accessed. .

When the aforementioned media consulted a spokesperson for the tech giant on the matter, he I preferred not to comment .

What is Salt Typhoon and why it causes concern

The cyber campaign, which was reportedly led by hackers linked to the Chinese government, is intended to access the main routers of service providers .

The founder of the cybersecurity company Volexity Steven Adair, explained that This would allow them to steal large amounts of information, redirect Internet traffic and install malware. among other imminent operations.

Similarly, former U.S. National Security Agency general counsel Glenn Gestell told the Journal that “This would constitute an alarming, but not entirely surprising, expansion of their malicious use of cyberspace for advantage. » on the North American country.

According to the technology and telecommunications lawyer, China has used cybertheft for years to obtain industrial and military secrets .

“It now appears that they are penetrating the very heart of American digital life, attacking major Internet service providers.” Gestell warned.

Hacker AI
Salt Typhoon: what was the recent attack by hackers linked to China against the United States. Photo: reference.

What campaigns similar to Salt Typhoon have been identified

By mid-September 2024, U.S. officials They claimed to have been able to dismantle Flax Typhoon’s operations. a campaign led by a group of hackers based in China.

FBI Director Christopher Wray told a cybersecurity conference in Washington: “They collected intelligence and conducted reconnaissance on behalf of Chinese government security agencies.” like saved Forbes .

The data collected by the Journal details that They managed a network of more than 200,000 routers, cameras, and other Internet-connected consumer devices. which served as an entry point for American networks.

Previously, in January 2024, the FBI reported that another China-linked campaign known as Volt Typhoon could be disrupted which planned to attack the critical infrastructure of the North American country.

In February of that year, Wray told the Munich Security Conference in Germany: “the cyber threat posed by the Chinese government is enormous” .

“The Chinese hacking program It is greater than that of all other great nations combined », Warned the director of the FBI.

According to US security officials, Agents from the Asian country have attempted – in some cases successfully – to penetrate its critical infrastructure networks. ranging from water treatment systems to oil and gas pipelines and airports.

Among the risks that access to these networks could generate, there are the possibility of interrupting the capacity to react to an episode of international crisis, such as a possible direct attack against Taiwan by China.

It is worth remembering that President Joe Biden anticipated that The United States would provide support in the event of an invasion .

For its part, the People’s Republic of China (PRC), chaired by Xi Jinping considers Taiwan part of his territory and intensified military exercises by its forces in the South China Sea.

How Salt Typhoon is different from other hacking campaigns

The sources consulted by the Journal assured that Salt Typhoon activity suggests more intelligence-gathering oriented .

They said that, At the moment, we don’t know who might be behind this. of this attack campaign.

Yet the cybersecurity company’s director of intelligence and public policy SentinelOne Chris Krebs, stated that this is probably a group known as APT40 linked to the Ministry of State Security of China.

In July 2024, the United States and its allies They denounced in a report that this agency carries out computer hacking activities .

A review of this document by Bloomberg details that, In an incident in April 2022, the group managed to steal hundreds of unique usernames and passwords, as well as intercept codes. multi-factor authentication.

What is China’s response to accusations of computer attacks?

From Asian country have denied accusations of hacking and hacking attributed to them by Western governments and various companies of the technological field.

In this sense, the spokesperson for the Chinese Embassy in Washington, Liu Pengyu, declared in September 2024 that American spy agencies and cybersecurity companies “They secretly collaborate to gather false evidence” against the government of the Asian country.

Source: Latercera

Related articles

Comments

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share article

Latest articles

Newsletter

Subscribe to stay updated.