China’s Salt Typhoon Spies Are Still Hacking Telecoms

Salt Typhoon, the allegedly Chinese state-sponsored hacker group, is continuing to break into global telecom providers despite the group’s high-profile exposure last year.
Following the group’s targeting of US telecoms providers, the US government responded with sanctions, but Salt Typhoon has continued its operations.
Since last year’s expose, the group has targeted further US and UK telecoms, as well as Italian, South African and Thai providers, and a dozen universities globally.
Using Cisco’s IOS software, the group has targeted networking devices to gain initial access and root privileges, exploiting known vulnerabilities that the company has since advised users to patch.
Salt Typhoon is believed to have targeted these devices as they are often less well secured than other devices on a company’s network.

Fast Feed