US Telecom Breaches Widen as 9 Firms Hit by Chinese Salt Typhoon Hackers
Summary:
The Salt Typhoon cyber-espionage campaign continues to escalate as Charter Communications, Consolidated Communications, and Windstream have been identified as the latest U.S. telecom companies breached by Chinese state-sponsored hackers, according to a report from The Wall Street Journal. This development adds to an already concerning list of compromised telecoms, including AT&T, Verizon, T-Mobile, and Lumen Technologies, previously reported by Hackread[.]com.
The attack, targeting vulnerabilities in Fortinet and Cisco network devices, allowed hackers to gain unauthorized access to high-level network management accounts that lacked multi-factor authentication (MFA). This enabled attackers to control routers, monitor traffic, and evade detection. White House Deputy National Security Adviser Anne Neuberger confirmed that nine U.S. telecoms have been breached, with the latest three breaches still under investigation.
In response, the U.S. government is ramping up efforts to secure telecom infrastructure through FCC scrutiny, new legislative measures, and government advisories urging telecom providers to improve their defenses. The breach of multiple major telecom companies by Chinese state-sponsored actors underscores the growing threat of cyber espionage targeting U.S. infrastructure. By exploiting vulnerabilities in widely used networking devices, attackers gained access to critical systems, jeopardizing communications networks and national security.
Security Officer Comments:
This campaign represents a shift in Chinese cyber operations, moving from traditional espionage to persistent access of critical networks, potentially enabling disruption and surveillance at scale. Using unsecured administrative accounts highlights the importance of enforcing multi-factor authentication (MFA), regular patching, and network segmentation to limit unauthorized access.
The U.S. government's swift response—sanctioning Chinese cybersecurity firms, increasing FCC oversight, and advising encrypted communications—reflects the seriousness of the threat. Telecom providers and infrastructure operators must prioritize patching vulnerabilities, limiting privileged access, and enhancing threat detection capabilities.
Suggested Corrections:
The Salt Typhoon campaign illustrates the increasing boldness and sophistication of Chinese cyber-espionage efforts targeting U.S. telecommunications. As the list of breached companies grows, cooperation between the public and private sectors will strengthen defenses and secure critical infrastructure. Organizations across sectors must adopt proactive security measures to counter evolving threats and prevent potential disruptions.
Link(s):
https://hackread.com/us-telecom-breaches-firms-chinese-salt-typhoon-hackers/
The Salt Typhoon cyber-espionage campaign continues to escalate as Charter Communications, Consolidated Communications, and Windstream have been identified as the latest U.S. telecom companies breached by Chinese state-sponsored hackers, according to a report from The Wall Street Journal. This development adds to an already concerning list of compromised telecoms, including AT&T, Verizon, T-Mobile, and Lumen Technologies, previously reported by Hackread[.]com.
The attack, targeting vulnerabilities in Fortinet and Cisco network devices, allowed hackers to gain unauthorized access to high-level network management accounts that lacked multi-factor authentication (MFA). This enabled attackers to control routers, monitor traffic, and evade detection. White House Deputy National Security Adviser Anne Neuberger confirmed that nine U.S. telecoms have been breached, with the latest three breaches still under investigation.
In response, the U.S. government is ramping up efforts to secure telecom infrastructure through FCC scrutiny, new legislative measures, and government advisories urging telecom providers to improve their defenses. The breach of multiple major telecom companies by Chinese state-sponsored actors underscores the growing threat of cyber espionage targeting U.S. infrastructure. By exploiting vulnerabilities in widely used networking devices, attackers gained access to critical systems, jeopardizing communications networks and national security.
Security Officer Comments:
This campaign represents a shift in Chinese cyber operations, moving from traditional espionage to persistent access of critical networks, potentially enabling disruption and surveillance at scale. Using unsecured administrative accounts highlights the importance of enforcing multi-factor authentication (MFA), regular patching, and network segmentation to limit unauthorized access.
The U.S. government's swift response—sanctioning Chinese cybersecurity firms, increasing FCC oversight, and advising encrypted communications—reflects the seriousness of the threat. Telecom providers and infrastructure operators must prioritize patching vulnerabilities, limiting privileged access, and enhancing threat detection capabilities.
Suggested Corrections:
The Salt Typhoon campaign illustrates the increasing boldness and sophistication of Chinese cyber-espionage efforts targeting U.S. telecommunications. As the list of breached companies grows, cooperation between the public and private sectors will strengthen defenses and secure critical infrastructure. Organizations across sectors must adopt proactive security measures to counter evolving threats and prevent potential disruptions.
Link(s):
https://hackread.com/us-telecom-breaches-firms-chinese-salt-typhoon-hackers/