The U.S. National Security Agency is warning of continued Chinese cyber intrusions into virtually all internet-connected systems and devices. Warnings about the Chinese-supported “Salt Typhoon” hacking operation have been released periodically for about a year.
A joint cybersecurity advisory (CSA), recently published by more than a dozen international law enforcement organizations, outlines the operations of state-sponsored threat groups linked to China, with Salt Typhoon highlighted as a primary focus.
The advisory notes that Salt Typhoon remains an active threat to global telecommunications providers and critical infrastructure. The hackers are capable of altering routers to maintain access over long periods of time. The report linked three Chinese companies with direct involvement in providing resources and intelligence.
The CSA, titled “Countering Chinese State-Sponsored Actors’ Compromise of Networks Worldwide to Feed Global Espionage System,” also provides detailed information on the tactics, techniques, and procedures (TTPs) used by the hacking enterprise, along with technical guidance to block and monitor attacks.
The report said the Chinese-backed computer intrusions “are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks.”
Cynthia Kaiser, a former government communications systems investigator who tracked hacking for the FBI, told The New York Times, “I can’t imagine any American was spared given the breadth of the campaign.”
She added that investigators could not be certain if the hackers intended to store data captured from U.S. residents or if that was simply a byproduct of the heightened level of hacking. The range of systems targeted in the new round of attacks, she said, is more widespread than some of the earlier Salt Typhoon intrusions that appeared to target people with security and government connections.
© 2025 Newsmax. All rights reserved.
