Who is Salt Typhoon Really? Unraveling the Attribution Challenge

Our previous post about Salt Typhoon provided an initial commentary on the Joint Cybersecurity Advisory on Salt Typhoon issued on August 27, 2025. The advisory identified three Chinese companies - Sichuan Juxinhe Network Technology Co. Ltd. (四川聚信和网络科技有限公司), Beijing Huanyu Tianqiong Information Technology Co., Ltd. (北京寰宇天穹信息技术有限公司), and Sichuan Zhixin Ruijie Network Technology Co., Ltd. (四川智信锐捷网络科技有限公司) - as suppliers of products and services to Salt Typhoon and other overlapping groups such as OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor. After examining these three Chinese companies and their possible roles in Salt Typhoon-related cyber operations, we presented a few questions worth further exploration. In this post, we will address questions about the involvement of Chinese companies in state-sponsored cyber operations and share some observations on threat attribution from the joint advisory.

Read the complete article here.

Apply for our next conference in Kuala Lumpur on December 9th and 10th, 2025.