A coalition of twenty-three cyber, defense, and intelligence agencies from the United States and allied nations has released a joint advisory detailing the tactics employed by Chinese state-sponsored hackers. This announcement, made on August 27, 2023, highlights the involvement of three Chinese companies in cyber intrusions that targeted major telecommunications networks in the United States last year.
The advisory indicates that these malicious cyber actors have compromised networks globally, feeding into a broader espionage system backed by the Chinese government. This effort aims to gather sensitive information and undermine security measures in various sectors.
Among the entities named in the advisory is the Sichuan Juxinhe Network Technology Co., Ltd., which is already under U.S. sanctions. The advisory also identified two additional companies that had not previously been disclosed: Beijing Huanyu Tianqiong Information Technology Co., Ltd. and Sichuan Zhixin Ruijie Network Technology Co., Ltd..
The playbook outlined in the advisory provides a comprehensive overview of the techniques used by the Salt Typhoon group. This group has been linked to various cyber operations targeting critical infrastructure and telecommunications. The advisory urges organizations and networks to be vigilant and proactively seek out signs of similar malicious activity.
Authorities emphasize that the implications of these cyber threats extend beyond geopolitical tensions, impacting businesses and individuals worldwide. The call for vigilance includes recommendations for enhanced cybersecurity measures and collaboration among international partners to combat such threats.
With the rise of state-sponsored cyber activities, the importance of safeguarding digital infrastructures has never been more critical. The joint advisory serves as a crucial reminder for organizations to fortify their defenses and stay informed about emerging threats in the cybersecurity landscape.