FBI Asks Public for Tips on Salt Typhoon Telecom Hacks

In a growing cyber threat landscape, the Federal Bureau of Investigation (FBI) is now reaching out to the public for information regarding the Salt Typhoon hacking campaign. The agency has confirmed that at least nine U.S. telecom firms and systems were accessed by Salt Typhoon, which breached major telecommunications providers and their wiretap request systems over a two-year period. This breach resulted in the theft of call data logs, private communications involving identified victims, and the copying of select information subject to court-ordered law enforcement requests.

The FBI released a bureau notice on Thursday stating that they maintain their commitment to protecting the U.S. telecommunications sector by identifying, mitigating, and disrupting Salt Typhoon's malicious cyber activity. The agency urges anyone with information about the individuals who comprise Salt Typhoon or other Salt Typhoon activity to come forward. In its investigation, it has been discovered that Salt Typhoon compromised Cisco platforms at a U.S.-based affiliate of a prominent United Kingdom telecom operator and a South African provider, according to February research disclosed by a private sector threat intelligence firm. Furthermore, several hundred organizations — both communications firms and entities in other sectors — were notified that they may be at risk of compromise by the hacking collective. The hackers targeted "lawful intercept" systems used by law enforcement to surveil suspected criminals and spies. Telecom providers are required to engineer their networks for these legal access requests under the 1994 Communications Assistance for Law Enforcement Act. In December, Nextgov/FCW reported that several hundred organizations were notified that they may be at risk of compromise by the hacking collective. The Salt Typhoon hacks led to an unprecedented breach into the personal communications of President Donald Trump and Vice President JD Vance, as well as other high-profile officials tied to the White House. An investigatory body in the Department of Homeland Security was probing these hacks but was cleared out soon after Inauguration Day. The Treasury Department subsequently sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., accusing the company of having "direct involvement" with China's Ministry of State Security in the Salt Typhoon infiltrations. Trump-appointed officials and allies have vowed to exact revenge on China for the hacks, calling for a more offensive deterrent approach in cyberspace. In response to this growing threat, it is essential for citizens to be vigilant and report any suspicious activities they come across while browsing online or communicating with friends and family. If you believe that your personal information has been compromised by Salt Typhoon, contact the FBI immediately.