China-linked APT group Salt Typhoon has breached several U.S. internet service providers in recent months to gather intelligence or carry out disruptive cyberattacks.
Experts are investigating whether the attackers gained access to Cisco Systems routers.
The group is also known as FamousSparrow and GhostEmperor.
The campaign appears focused on intelligence gathering rather than crippling infrastructure.
Chris Krebs from SentinelOne suggested that the group behind Salt Typhoon may be affiliated with China’s Ministry of State Security.
Chinese nation-state actors have shifted focus from stealing secrets to infiltrating critical U.S. infrastructure.
In August 2021, researchers reported that a China-linked APT group successfully compromised an internet service provider in order to poison DNS responses for target organisations.
China-linked APT group Daggerfly infiltrated an African telecom operator and used new malware in 2023.
In June 2019, a Chinese APT group known as APT10 was linked to Operation Soft Cell, an espionage campaign targeting telco providers.
China has consistently denied accusations of involvement in cyberattacks.