Microsoft Threat Intelligence warns that the Chinese state-linked threat actor Silk Typhoon is targeting the IT supply chain to compromise primary organizations and access their downstream customers.
The Chinese hackers were able to dwell for at least several months in 2023 and captured about 5% to 10% of all of the emails sent by the Belgian State Intelligence Service during that time.
A recent breach of the US Treasury yielded access to Secretary Janet Yellen's computer along with those of two of her lieutenants, according to inside sources speaking to Bloomberg News reporters.
A new report cites insider sources in naming Charter Communications, Consolidated Communications and Windstream among the breached US telecom companies. The sources also state that the Salt Typhoon campaign may have started in late 2023.
A recently confirmed T-Mobile hack has been attributed to Salt Typhoon, the Chinese cyber espionage team that also breached Verizon and AT&T earlier in the year. That means the hackers were able to penetrate all three of the country's major mobile carriers in 2024.
Chinese hackers have attempted to interfere in US elections before. Anonymous official sources have spoken out claiming that this year's free-ranging espionage campaign is seeking phone data from senior officials and leading candidates regardless of party affiliation.
Chinese hackers may have had illicit access to a federal surveillance system for months before being discovered and rousted. The access was apparently gained by compromising US telecoms Verizon and AT&T.
The Chinese hackers, a state-backed team referred to as "Salt Typhoon," were spotted stealing data from ISPs and planting backdoors and other capabilities meant for use in future cyber attacks.
Officials from the United States and United Kingdom have issued another formal warning about the perceived Chinese cyber threat to international stability and social norms, calling the issue an "epoch-defining challenge" even as Beijing continues to deny that anything at all is happening.
The CSRB found that the security breach was preventable, and that "a corporate culture that deprioritized enterprise security investments and rigorous risk management" ended up leaving open doors for the Chinese hackers.