Salt Typhoon, a Chinese hacking group, has significantly escalated its cyber espionage operations by compromising a U.S. state's Army National Guard network between March and December 2024. The breach allowed the hackers to collect network configurations and data traffic across all states and at least four territories, potentially facilitating future attacks. The group also exfiltrated vital administrator credentials and personally identifiable information, raising serious concerns for national security following prior incursions into telecom networks. The scope of Salt Typhoon's activities poses a major threat to U.S. defense systems.
Salt Typhoon extensively compromised a U.S. state's Army National Guard network between March and December 2024, leading to significant concerns about the Defense Department's cybersecurity.
The hacking group collected network configurations and data traffic from all other U.S. states and at least four U.S. territories, raising alarm about possible follow-on attacks.
In 2024, Salt Typhoon utilized access to the Army National Guard network to exfiltrate administrator credentials, network traffic diagrams, and personally identifiable information of service members.
The DHS memo indicated that between January and March of last year, Salt Typhoon exfiltrated configuration files tied to other U.S. government and critical infrastructure entities.