
Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

A DoD report warns that the China-nexus hacking group Salt Typhoon breached a U.S. state’s Army National Guard network from March to December 2024. The APT stole network configurations, administrator credentials, and data exchanged with units across all U.S. states and several territories. This information could facilitate future intrusions and weaken state-level defenses against Chinese cyberattacks during crises, posing serious risks to U.S. critical infrastructure.

“A recent compromise of a US state’s Army National Guard network by People’s Republic of China (PRC)-associated cyber actors—publicly tracked as Salt Typhoon—likely provided Beijing with data that could facilitate the hacking of other states’ Army National Guard units, and possibly many of their state-level cybersecurity partners. If the PRC-associated cyber actors that conducted the hack succeeded in the latter, it could hamstring state-level cybersecurity partners’ ability to defend US critical infrastructure against PRC cyber campaigns in the event of a crisis or conflict,” reads a report first seen by NBC News.

The report includes details on the tactics, techniques and procedures (TTPs) used by Salt Typhoon, along with guidance to help the National Guard and state governments detect, prevent, and mitigate this threat.

To read the complete article see:
Security Affairs - Salt Typhoon breach

Learn more here:
Document Cloud - Salt Typhoon Report


This post is licensed under CC BY 4.0 by the author.