In October, the United States revealed that Chinese hackers from Salt Typhoon had successfully infiltrated the infrastructure of several telecommunications operators. Initially, US authorities estimated that a handful of operators had been targeted by the cyberattack, allegedly sponsored by China. Several weeks later, it emerged that another ISP, namely T-Mobile, had also been compromised in the espionage operation. In fact, the list of victims continues to grow. The United States has just revealed that a ninth company has been hacked by Salt Typhoon.
As White House Deputy National Security Advisor Anne Neuberger explained, this new victim was identified only a few days ago, when the FBI released recommendations to help cybersecurity professionals identify traces of Chinese hacker activity in their networks. Unsurprisingly, it is again a telecommunications company. The identity of this ninth target has not been communicated by the authorities.
To penetrate the network, the hackers used an administrator account that had access to more than 100,000 routers. De facto, "when the Chinese hacked this account, they obtained extensive access to the entire network," relates Anne Neuberger. This was also the case when the gang hacked the eight other operators.
Neglectful companies?
For Anne Neuberger, the exactions of the Chinese hackers, who target "critical infrastructures in the United States", were facilitated by the negligence of the companies. When it comes to "private sector companies, we still see that many of them do not master the essential basics," the manager regrets. She takes the example of the administrator account that served as a gateway for cybercriminals, and believes that this is not an effective cybersecurity strategy to protect against threats from state actors.
At this stage of the investigation, it is not yet certain that the Chinese spies have been excluded from American networks. This is why the FBI recommends that American citizens use end-to-end encrypted messaging instead of traditional phone calls and text messages. According to White House cybersecurity officials, Salt Typhoon’s cyberattacks have affected dozens of countries in the span of a few years.
Source: Bloomberg
0 Comments