Chinese state hackers may be preparing for war with Taiwan.
Salt Typhoon is behind major hacks of phone and internet companies worldwide. The hackers seek control of networks and steal data.
Beijing-linked hackers target networks through criminal and nation-state campaigns. One group focuses on telecom infrastructure while others prepare for disruptive cyberattacks.
The hackers compromise routers at network edges. They access surveillance systems that companies must install for law enforcement. This allows them to intercept calls and read messages.
The attacks are very widespread according to reports. Authorities urge people to use encrypted messaging apps.
United States
Major phone companies affected include AT&T and Verizon. Internet provider CenturyLink (now Lumen) was compromised. Some companies reported no customer data access.
Satellite company Viasat had tools stolen that law enforcement uses. Other providers like Charter (Spectrum) and Windstream were victims as well.
The attacks go beyond telecom companies. Hackers accessed National Guard networks, stealing data and reaching other state networks across U.S. territories.
North and South America
Researchers found attacks on Cisco devices at universities in Argentina and Mexico. Canada’s major telecom companies were hacked. Cisco routers at Canadian telecom providers were also compromised.
Ottawa officials warned about targeting beyond just telecommunications companies. Brazil saw Salt Typhoon activity according to security firms.
Asia, Africa, and Oceania
Attacks targeted Myanmar’s Mytel telecom provider and South African companies. Universities in Bangladesh, Indonesia, Malaysia, and Thailand had router attacks.
Japan warned about Salt Typhoon threats to networks. Australia and New Zealand reported telecom and critical infrastructure targeting. New Zealand also saw government, transportation, lodging, and military network attacks.
Europe
United Kingdom officials confirmed hacking activity. British government staff may have had phone records accessed. Norway confirmed multiple organizational hacks.
Smaller internet providers in Netherlands were targeted but not fully compromised. Italian and Czech internet providers reported attacks. Finland and Poland also experienced related incidents.