During a discussion at the Foundation for Defense of Democracies, Cybersecurity and Infrastructure Security Agency Director Jen Easterly said the hacking group — dubbed Salt Typhoon — “was first seen by us on federal networks that then enabled law enforcement to unravel and ask for process in virtual private servers.”
Nine American telecommunications providers were ensnared in the hacks. Although 80 different telecom firms were reportedly breached by Salt Typhoon, several hundred organizations were notified that they may be at risk of compromise, Nextgov/FCW reported in December.
Major providers have recently said in public statements that the hacking unit is no longer inside their networks, though it remains unclear if the cyberspies are entirely barred from all U.S.-linked telecom systems.
The group, which has ties to China’s Ministry of State Security, likely carried out its campaign for one to two years before it was discovered.
Easterly said government detection of the hackers occurred “before we understood it was Salt Typhoon.” Visibility into the workings of federal networks, however, allowed officials to connect the dots with the help of private sector tipsters, which Easterly said ultimately “led to kind of cracking open the larger Salt Typhoon piece.”
“We saw it as a separate campaign called another goofy cyber name, and we were able to — based on the visibility that we had within the federal networks — to be able to connect the dots,” she adde ..
Support the originator by clicking the read the rest link below.