China-linked threat actors have compromised some U.S. internet service providers (ISPs) as part
of a cyber espionage campaign code-named Salt Typhoon. The cyber campaign is attributed to
the China-linked APT group Salt Typhoon, which is also known as FamousSparrow and
GhostEmperor.
The Wall Street Journal reported that experts are investigating the security breach to determine if
the attackers gained access to Cisco Systems routers, which are core network components of the
ISP infrastructures.
“The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly
disclosed and is the latest in a series of incursions that U.S. investigators have linked to China in
recent years. The intrusion is a sign of the stealthy success Beijing’s massive digital army of
cyberspies has had breaking into valuable computer networks in the U.S. and around the globe.”
https://securityaffairs.com/168941/apt/salt-typhoon-china-linked-threat-actors-breached-us-isp.html