Hackers linked to China are targeting US internet providers in the latest attack
Hackers linked to the Chinese government have broken into a “handful” of US internet service providers. The Wall Street Journal reports this.
Researchers are calling the hack ‘Salt Typhoon’. It comes just a week after the FBI announced it had shot down a new attack backed by the Chinese government known as ‘Flax Typhoon’. 200,000 internet-connected cameras, routers and other devices.
In the Salt Typhoon attack, hackers dug into broadband networks in an attempt to access sensitive data stored by internet service providers. While previous hacks have focused on crippling infrastructure, people familiar with the matter told the WSJ that this appears to be for intelligence gathering.
“The Chinese government will continue to attack your organizations and our critical infrastructure, either single-handedly or covertly through their proxies,” FBI Director Christopher Wray said at the Aspen Cyber Summit in Washington, just a week before the Salt Typhoon -attack.
These types of Chinese hacking operations have long been a regular occurrence, but the “skill and sophistication” has accelerated in recent years, intelligence officials say told the Journal.
“The Chinese government’s cyber threat is enormous,” Wray said earlier this year. “China’s hacking program is bigger than that of all other major countries combined.”
China has consistently denied any involvement in these attacks. Liu Pengyu, a spokesman for the Chinese embassy in Washington, accused U.S. intelligence agencies of “secretly collaborating to piece together false evidence” linking the Chinese government to the groups behind the Salt Typhoon hack.
Which internet providers are affected?
The WSJ report stated that researchers focused on Cisco Systems routers, which are network components that direct Internet traffic. A Cisco spokesperson told the WSJ that “there is no indication that Cisco routers are involved.” Microsoft is also reportedly investigating the attack.
Researchers from Lumen, the company that owns Internet service providers CenturyLink and Quantum Fiber, wrote last month that it had found malware in ISP routers that could reveal customers’ passwords. The report does not mention which internet providers may have been affected.
How to protect yourself against data breaches
While there is little evidence that an attack like Salt Typhoon is after the personal information of individual customers, there are some basic steps you should take to protect your personal information. Here’s what CNET experts recommend:
- Change your password regularly: When was the last time you changed your Wi-Fi router password? It’s a somewhat tedious job because you have to reconnect all your devices, but it’s an excellent way to strengthen your security after attacks that may have compromised credentials.
- Sign up for identity theft protection: If you’re concerned about your identity being stolen, these services monitor your credit and banking activity for about $7 to $15 per month.
Read your credit reports: You are entitled to a free credit report every week from each of the three major credit bureaus. This will give you basic information about your credit activity, including whether new accounts are being opened in your name.