In a stark revelation that underscores the escalating threats from state-sponsored cyber operations, the FBI’s top cyber official has disclosed that the Chinese hacking group known as Salt Typhoon has compromised telecommunications networks on a scale affecting “nearly every American.” This intrusion, part of a broader campaign spanning years, has allowed hackers to siphon off vast amounts of personal data, including call records, text messages, and metadata from millions of individuals.
The operation, attributed to actors backed by the Chinese government, targeted major U.S. telecom providers, exploiting vulnerabilities in their infrastructure to gain persistent access. According to details shared at a recent cybersecurity conference, the hackers not only stole data but also conducted real-time surveillance on specific targets, raising alarms about potential espionage and intelligence gathering.
Unprecedented Scale of the Breach
FBI Assistant Director for Cyber Brett Leatherman emphasized that the campaign extended beyond the U.S., impacting over 80 countries and at least 200 American firms. As reported in The Register, Leatherman described the hackers’ activities as “ongoing,” with intrusions dating back to at least 2019. The group, linked to China’s Ministry of State Security, has been accused of using sophisticated techniques to burrow into networks, often remaining undetected for months or even years.
This breach has exposed critical weaknesses in global telecom infrastructure, where interconnected systems allow threats to propagate rapidly. Intelligence from allied agencies, including the NSA and international partners, points to three Chinese tech companies providing tools and services that facilitated these attacks, as outlined in a joint advisory.
Involvement of Chinese Tech Firms
The advisory, co-authored by the FBI, NSA, and counterparts from countries like Australia and Canada, accuses these firms of supplying cyber-related products to Chinese intelligence since 2021. Publications such as The Record from Recorded Future News have highlighted how these companies enabled the People’s Liberation Army and other state entities to conduct operations against telecoms, transportation, and even military infrastructure.
Industry insiders note that Salt Typhoon’s tactics involve compromising edge devices such as routers and switches and then using that foothold to redirect sensitive traffic for exfiltration. This has led to the theft of data from sectors beyond telecoms, including government and critical infrastructure, amplifying the geopolitical risks.
Global Response and Mitigation Efforts
In response, the FBI has ramped up efforts to disrupt these operations, including takedowns of related botnets and public calls for information on the hackers. A recent FBI bulletin, as covered by The Washington Post, urges telecom providers to enhance visibility into their networks and implement hardening measures, such as multi-factor authentication and traffic monitoring.
International collaboration has been key, with agencies issuing guidance to counter these threats. For instance, a joint cybersecurity advisory from the NSA and others, detailed in Security Boulevard, provides technical steps to detect and mitigate intrusions, emphasizing the need for end-to-end encryption to protect communications.
Implications for National Security
The fallout from Salt Typhoon extends to potential blackmail and influence operations, with hackers accessing data that could compromise high-profile individuals. Reports from India Today describe this as one of history’s largest breaches, affecting not just privacy but also economic stability through industrial espionage.
For cybersecurity professionals, this incident highlights the urgency of proactive threat hunting and international intelligence sharing. As Leatherman noted, the campaign’s persistence demands a shift from reactive defenses to disrupting adversaries at their source.
Looking Ahead: Strengthening Defenses
Efforts to attribute and prosecute those involved are intensifying, with the FBI seeking tips on Salt Typhoon actors. Meanwhile, affected companies face mounting pressure to audit their systems, as the breach’s full extent may still be unfolding.
Ultimately, this episode serves as a wake-up call for bolstering resilience against nation-state actors, ensuring that critical networks are fortified against increasingly bold intrusions.