The Chinese hacking group Salt Typhoon is still infiltrating U.S. telecom networks, despite being sanctioned from U.S. authorities.
The group, whose hacking activities have impacted the highest levels of the U.S. government, attempted to exploit more than 1,000 network devices of tech giant Cisco, according to a Feb. 13 report from cybersecurity firm Recorded Future.
-
The Importance of Prayer: How a Christian Gold Company Stands Out by Defending Americans’ Retirement
Between December and January, Salt Typhoon breached five telecom networks, including two in the United States, and targeted more than a dozen universities that could give Beijing valuable research and intellectual property, the researchers said.
These victims include a U.S.-based affiliate of a UK telecom provider and a U.S. internet service provider, as well as three from South Africa, Italy, and Thailand. Recorded Future’s Insikt Group observed seven Cisco devices associated with these firms were communicating with the hackers.
The Chinese state actors, which the researchers identified by the moniker “RedMike,” exploited two code vulnerabilities in Cisco network devices’ website interface. The first gave them initial access, and the latter provided “root privileges,” granting the hackers full control of the victim’s network. The hackers then reconfigured the device to retain persistent access. […]
— Read More: www.theepochtimes.com
