FBI Awaits Signal That Salt Typhoon is Fully Excised from Telecom Firms, Official Says
The Federal Bureau of Investigation (FBI) is closely monitoring the situation with regards to the Salt Typhoon hacking incident, which has been linked to Chinese hackers. According to Brett Leatherman, FBI Deputy Director for Cyber Operations, "there's a lot of work focused on containment" when it comes to the Salt Typhoon hacks.
Leatherman, who was speaking at the recent RSAC Conference in San Francisco, California, emphasized the importance of public-private partnerships in addressing cyber threats. "The cyber discipline doesn't have the visibility that the private sector has, and conversely, they don't have the visibility that we have," he said.
Leatherman highlighted the FBI's unique position as having 55 field offices across the country, allowing for a forward-deployed workforce to respond to threats in real-time. "The trust is still there," he noted, citing the continued cooperation between the FBI and private sector partners.
The Status of Salt Typhoon
Industry representatives have claimed that the Chinese hacking unit behind the Salt Typhoon attacks has been cleared out and their networks secured. However, Leatherman remained cautious, stating that "every victim is different" and that there is still ongoing work focused on containment.
"We have multiple victims within the telecommunications sector who've been impacted by the Salt Typhoon activity," he explained. "Each of them is doing an assessment as to what the state of impact is in their infrastructure." Leatherman also noted that the FBI is continuing to investigate whether the hackers established persistent points of ingress into the affected networks.
Measuring the Impact of Volt Typhoon
Leatherman discussed the case of Volt Typhoon, another Chinese hacking group that has targeted civilian critical infrastructure. While the hackers were able to exploit additional devices over time, they have not fully reconstituted their ability to affect critical infrastructure.
Engaging with China on Cyber Threats
The FBI is aware of reports suggesting that China has tacitly acknowledged its involvement in hacking into U.S. critical infrastructure. Leatherman emphasized the importance of diplomacy in addressing this issue, stating that the administration relies on the White House to engage in diplomatic efforts.
Ransomware Attacks and National Security Concerns
Leatherman highlighted two pressing concerns: the continued onslaught of ransomware attacks against critical infrastructure, which "keeps us up at night," and the changing posture of China, which has taken a more aggressive stance in recent months.
Private Industry Resilience and International Partnerships
Despite these challenges, Leatherman expressed optimism about the resilience of private industry and the effectiveness of public-private partnerships in addressing cyber threats. He noted that international partnerships continue to grow closer, which is essential for the FBI's operations.