The networks of AT&T and Verizon were targeted in the Salt Typhoon attack, part of an extensive Chinese espionage campaign against telecom operators worldwide. The latest update revealed that both companies have already removed the compromise from their systems.
According to Verizon, it has not observed threat actor activity in its network in a long time. However, after an extensive investigation, it claimed that its network contained the actions linked with the malicious event.
AT&T, on the other hand, said in a statement that it has collaborated with law enforcement agencies and is working with other telecom firms to assess the situation. It also noted that it discovered a small number of situations in which attackers attempted to collect foreign intelligence information.
The company also stated that it currently detects no activity by nation-state actors in its networks.
The Salt Typhoon campaign has also allegedly targeted T-Mobile.
In November last year, T-Mobile disclosed that the China-backed Salt Typhoon APT group infiltrated some of its routers, allowing the group to identify ways to move laterally across the network. However, the company’s Chief Security Officer insisted that the carrier’s cyber protections prevented the attack from coming via a connected wireline provider’s network.
Furthermore, the company stated that the threat actors did not acquire access to sensitive customer information. It also isolated its provider’s network to prevent the attack from spreading, should it prove to be real.
In response to the telecom intrusions, the US government apparently aims to prohibit Chinese Telecom’s products that are active in US operations. The administration is also considering a ban on TP-Link routers if further investigations reveal that their use in cyberattacks poses a national security concern.
An FCC representative explained that the agency would act urgently to ensure that US providers are obligated to secure their infrastructure.
Salt Typhoon, the Chinese cyber-espionage gang responsible for this hacking spree, has been operating since at least 2019 and has breached numerous telecom firms and government agencies across Southeast Asia.
To prevent these attacks, the public should consider removing Chinese-manufactured internet devices for now, since they are alleged to be the cause of these data breach campaigns.
