Chinese hackers associated with the Salt Typhoon cyberespionage operation have recently breached additional US telecommunications firms, expanding their campaign beyond earlier reported targets. New victims now include Charter Communications, Consolidated Communications, and Windstream, joining the ranks of AT&T, Verizon, T-Mobile, and Lumen Technologies. Initially, US authorities had confirmed that at least nine telecom firms were affected by the intrusion.
This alarming increase in cyber intrusions underscores a significant threat to US critical infrastructure and emphasizes the pressing need for cybersecurity reforms. According to The Wall Street Journal, the Salt Typhoon operation is believed to be linked to state-sponsored Chinese actors who infiltrate telecommunications firms to access sensitive information, steal intellectual property, and potentially disrupt communication networks.
The hackers exploited unpatched vulnerabilities in widely used hardware like Cisco routers and Fortinet devices, embedding themselves deep within the affected systems. Previous reports suggested that the Salt Typhoon attackers had already compromised networks belonging to major firms to monitor sensitive communications. For instance, Verizon indicated that a limited number of high-profile targets in government and politics had experienced breaches, raising national security concerns. While some firms like Lumen and T-Mobile claim to have eliminated active threats, experts caution about existing vulnerabilities.
Beyond telecom companies, the implications of the Salt Typhoon group’s actions extend to broader national security hazards. A classified briefing led by US National Security Adviser Jake Sullivan highlighted that Chinese hackers potentially have the capability to disrupt critical systems, including major ports and power grids.
In response to these escalating cyber threats, FCC Chairwoman Jessica Rosenworcel proposed regulations requiring telecommunications companies to submit annual certifications regarding their cybersecurity measures. This initiative aims to bolster the framework for addressing threats posed by increasingly sophisticated adversaries.
Additionally, the US Consumer Financial Protection Bureau (CFPB) took precautionary measures, prohibiting its employees from conducting work-related calls on mobile phones following significant breaches attributed to Chinese hackers. Employees have been advised to use secure communication platforms.
The Salt Typhoon disclosures highlight a broader trend of state-sponsored cyber operations targeting US technological infrastructures. The telecom sector, critical for industries like finance and energy, proves especially susceptible to such attacks. While Chinese officials refute accusations, the continuous breaches point to an urgent need for international cooperation to deter further intrusions. Federal agencies and private sector organizations must act promptly to mitigate these risks through improved oversight, collaboration, and investments in advanced security measures.