Summary: New insights have emerged into the problems that allowed the Chinese advanced persistent threat group known as Salt Typhoon to infiltrate several telecommunications companies’ networks over the last year. CyberScoop gives a detailed analysis of how telecoms may never fully eradicate the threat actor from their networks.
Analyst Note: Experts have noted that the U.S. telecom system is too technologically fragmented to give a clear picture of threats, and too large to fully erase all espionage efforts. Additionally, miscommunication and a lack of coordination between the telecommunications industry and federal agencies are being cited as a major reason for critical networks being exposed to the Chinese threat group.
Given the scope of the more recent Salt Typhoon breaches and the propensity for PRC-affiliated actors to target the water sector, WaterISAC highly recommends utilities continue to follow sector-specific guidance and remain alert to the ongoing situation.
Original Source: https://cyberscoop.com/salt-typhoon-chinese-hackers-us-telecom-breach/
Additional Reading:
- ‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots
- Asia Produces More APT Actors, as Focus Expands Globally
Mitigation Recommendations:
- Tenable Analysis of Salt Typhoon and Exploited Vulnerabilities
- Ongoing Breach of U.S. Telecoms by Chinese-Affiliated Salt Typhoon and Its Implications for the Water Sector
Related WaterISAC PIRs: 6, 6.1, 7, 7.1, 8, 10, 12