FBI cyber cop Salt Typhoon pwned nearly every American The Register

pChinas Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the yearslong intrusion into telecommunications networks according to a top FBI cyber officialppTheres a good chance this espionage campaign has stolen information from nearly every American Michael Machtinger deputy assistant director for the FBIs cyber division told The RegisterppTheres a thought among the public that if you dont work in a sensitive area that the PRC might be interested in for its traditional espionage activities then you are safe they will not target you he said during a Thursday interview with The Register As we have seen from Salt Typhoon this is no longer an assumption that anyone can afford to makeppThe Beijingbacked spying campaign began at least in 2019 but wasnt uncovered by US authorities until last fall On Wednesday US law enforcement and intelligence agencies along with those from 12 other countries warned the ongoing espionage activity expanded far beyond nine American telcos and government networks According to Machtinger at least 80 countries were hit by the digital intrusionsppAround 200 American organizations were compromised by the espionage activity Machtinger said including the previously disclosed telecommunications firms such as Verizon and ATTppYesterdays joint security alert also pointed the allies collective finger at three Chinabased entities affiliated with Salt Typhoon Sichuan Juxinhe Network Technology Beijing Huanyu Tianqiong Information Technology and Sichuan Zhixin Ruijie Network Technology These companies and likely others provide cyber products and services to Chinas Ministry of State Security and Peoples Liberation Army the governments saidppWhat the PRC is doing through these proxy actors is really reckless and unbounded in a way that is significantly outside of the norms of what we see in the espionage spaceppThis is one of the most consequential cyber espionage breaches that weve ever seen in the United States Machtinger saidppWhat this really underscores is that what the PRC is doing through these proxy actors is really reckless and unbounded in a way that is significantly outside of the norms of what we see in the espionage space he added And that should really set off alarm bells for us not only in the United States The scale of indiscriminate targeting is unlike what weve seen in the pastppThis indiscriminate targeting as the FBI and White House security officials have previously noted allowed Beijings snoops to geolocate millions of mobile phone users monitor their internet traffic and in some cases record their phone calls Victims reportedly included President Donald Trump and Vice President JD VanceppMachtinger declined to confirm whether Trump and Vance were among those surveilled but did say that victims included more than 100 current and former presidential administration officialsppAs we look at the impact on the different sets of victims he said Salt Typhoon collected bulk information from millions of AmericansppFor the more targeted group of individuals most of whom are very highprofile current and former presidential administration officials and campaign appointees from both major political parties the data collection went much deeper Machtinger added Down to intercepting actual contentppIn addition to Salt Typhoon the feds over the past year have issued warnings about other Chinese cyber operations These include Volt Typhoon intruders who infected hundreds of outdated routers to build a botnet and break into US critical infrastructure facilities The Beijingbacked crew we would later learn was prepositioning itself and readying destructive cyberattacksppAnother Chinalinked crew Silk Typhoon has spent more than a decade compromising IT and cloud providers to steal sensitive data from their government technology education and legal and professional services customersppChina is not the only source of threats Machtinger noted Russia Iran North Korea plus along with homegrown and international cybercriminals and ransomware crooks assault computers and networks of both individuals and organizations every dayppThese actors are going to continue their efforts and theyre going to get more sophisticated Machtinger said We need to make sure that we a nation are taking cybersecurity seriously updating systems removing endoflife devices and making it as hard and costly as possible for the myriad of actors that are out there to successfully compromise ppSend us newsppThe Register Biting the hand that feeds ITpp
Copyright All rights reserved 19982025

p