
Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

A DoD report warns that a China-nexus hacking group, Salt Typhoon, breached a U.S. state’s Army National Guard network from March to December 2024. The APT stole network configurations, admin credentials, and data exchanged with units across all U.S. states and several territories. This information could help facilitate future hacks and weaken state-level defenses against Chinese cyberattacks during crises, posing serious risks to U.S. critical infrastructure.

According to the report, this compromise may have provided Beijing with data that could facilitate the hacking of other states’ Army National Guard units and potentially many of their state-level cybersecurity partners. Such an outcome could severely limit these partners’ ability to defend U.S. critical infrastructure against Chinese cyber campaigns during an emergency.

The report includes details on the tactics, techniques, and procedures (TTPs) used by Salt Typhoon, along with guidance to help National Guard and state governments detect, prevent, and mitigate this threat.

To read the complete article see: Security Affairs

Learn more here: Document Cloud

This post is licensed under CC BY 4.0 by the author.