{"id":2037480,"date":"2024-11-25T07:32:00","date_gmt":"2024-11-25T12:32:00","guid":{"rendered":"https:\/\/securityboulevard.com\/?p=2037480"},"modified":"2024-11-25T07:32:00","modified_gmt":"2024-11-25T12:32:00","slug":"the-cyberthreats-from-china-are-ongoing-u-s-officials","status":"publish","type":"post","link":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/","title":{"rendered":"The Cyberthreats from China are Ongoing: U.S. Officials"},"content":{"rendered":"<p>Chinese-backed hackers continue to burrow into the IT networks of critical infrastructure in an ongoing campaign to steal data and position themselves in case of a conflict between the United States and China.<\/p>\n<p>A top U.S. cybersecurity official, speaking at the Cyberwarcon security conference in Arlington, Virginia, said threat groups are prepositioning themselves to disrupt networks services that could affect data centers, water systems, energy operations, and other critical infrastructure should such a conflict break out.<\/p>\n<p>Morgan Adamski, executive director of U.S. Cyber Command, said during the conference that U.S. government has \u201cexecuted globally synchronized activities, both offensively and defensively minded, that are laser-focused on degrading and disrupting PRC cyber operations worldwide,\u201d according to a <a href=\"https:\/\/www.reuters.com\/technology\/cybersecurity\/chinese-hackers-preparing-conflict-says-us-cyber-official-2024-11-22\/\" target=\"_blank\" rel=\"noopener\">report in Reuters<\/a>.<\/p>\n<p>Adamski\u2019s comments came a day after Senator Mark Warner, D-VA, <a href=\"https:\/\/www.washingtonpost.com\/national-security\/2024\/11\/21\/salt-typhoon-china-hack-telecom\/\" target=\"_blank\" rel=\"noopener\">told The Washington Post<\/a> that the hack of U.S. wireless carriers by a Chinese state-sponsored group, Salt Typhoon, represents the \u201cworst telecom hack in our nation\u2019s history.\u201d Warner is chairman of the Senate Intelligence Committee.<\/p>\n<h3>China a Growing Cyberthreat<\/h3>\n<p>U.S. law enforcement and intelligence officials have for several years pointed to China as the top foreign cyberthreat. That picture came into sharper focus in February, when CISA, the FBI, and the National Security Agency said that Volt Typhoon, another Chinese-sponsored group, had hacked into networks and systems of critical infrastructure organizations to <a href=\"https:\/\/www.washingtonpost.com\/national-security\/2024\/11\/21\/salt-typhoon-china-hack-telecom\/\" target=\"_blank\" rel=\"noopener\">preposition themselves<\/a> to strike if a conflict between the nations occurred.<\/p>\n<p>In some cases, the bad actors had been present in the networks for as long as five years.<\/p>\n<p>More recently, U.S. agencies in September unveiled the campaign by Salt Typhoon. Initial reports indicated that telecommunications firms, including AT&amp;T, Verizon, and Lumen Technologies were among Salt Typhoon\u2019s victims.<\/p>\n<p>T-Mobile executives this month confirmed that it also was targeted by the threat group, telling the Wall Street Journal that the <a href=\"https:\/\/www.washingtonpost.com\/national-security\/2024\/11\/21\/salt-typhoon-china-hack-telecom\/\" target=\"_blank\" rel=\"noopener\">company \u201cis closely monitoring<\/a> this industry-wide attack, and at this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information.\u201d<\/p>\n<h3>Still in the Networks<\/h3>\n<p>Warner said Salt Typhoon had been able to move from one telecom to another by leveraging the trusted relationships between the companies and that the hackers are still in the networks. Unlike Volt Typhoon, Salt Typhoon\u2019s campaign appears more aimed at cyberespionage than hiding away in networks awaiting a time to strike.<\/p>\n<p>The attackers also targeted the phones of Donald Trump and Senator JD Vance, R-OH \u2013 Trump\u2019s running mate \u2013 and people working in Vice President Kamala Harris\u2019 presidential campaign and the State Department.<\/p>\n<p>\u201cThis is an ongoing effort by China to infiltrate telecom systems around the world, to exfiltrate huge amounts of data,\u201d the senator said.<\/p>\n<p>The attacks on the telecom giants were aimed in part on surveillance data gathered by law enforcement. Reports suggested that the cyber-spies may have <a href=\"https:\/\/www.washingtonpost.com\/national-security\/2024\/11\/21\/salt-typhoon-china-hack-telecom\/\" target=\"_blank\" rel=\"noopener\">accessed wiretapping information<\/a> to gain insights into the United States\u2019 surveillance efforts of Chinese nationals.<\/p>\n<h3>U.S. Government Responding<\/h3>\n<p>U.S. officials and lawmakers are pushing back at China\u2019s intrusions with what Cyber Command Adamski called \u201cglobally synchronized activities, both offensively and defensively minded, that are laser-focused on degrading and disrupting PRC [People\u2019s Republic of China] cyber operations worldwide.&#8221;<\/p>\n<p>Salt Typhoon\u2019s attacks on the telecom companies put a <a href=\"https:\/\/www.washingtonpost.com\/national-security\/2024\/11\/21\/salt-typhoon-china-hack-telecom\/\" target=\"_blank\" rel=\"noopener\">number of efforts into action<\/a>, with lawmakers pushing for information and the White House reportedly creating an emergency team to address the intrusion.<\/p>\n<p>In addition, White House officials met with telecom executives about the cyberthreats. Heading the meeting were National Security Advisor\u00a0Jake Sullivan and Anne Neuberger,\u00a0deputy national security advisor for cyber and emerging technology.<\/p>\n<p>According to the White House, the meeting was to \u201c<a href=\"https:\/\/www.washingtonpost.com\/national-security\/2024\/11\/21\/salt-typhoon-china-hack-telecom\/\" target=\"_blank\" rel=\"noopener\">share intelligence<\/a> and discuss the People\u2019s Republic of China\u2019s significant cyber espionage campaign targeting the sector\u201d and to \u201chear from\u00a0telecommunications sector executives\u00a0on how the\u00a0U.S.\u00a0Government can partner with and support the private sector on hardening against sophisticated nation state attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>U.S. officials are pushing back at the ongoing threats posted by Chinese state-sponsored hackers like Volt Typhoon and Salt Typhoon, which have infiltrated critical infrastructure organizations to steal information and preposition themselves in case of a conflict breaking out between the two countries.<\/p>\n","protected":false},"author":20461,"featured_media":1786176,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[230,23406,13571,21858,20984,14089,14097,98631,99462,99461,13418,14096,21129,1,14100],"tags":[61469,104025,100467,100791],"class_list":["post-2037480","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-security","category-blogs","category-data-security","category-sb-featured","category-incident-response","category-network-security","category-sb","category-social-facebook","category-social-linkedin","category-social-x","category-sb-spotlight","category-threat-intelligence","category-threats-breaches","category-uncategorized","category-sb-webinars","tag-china-espionage","tag-salt-typhoon-cyberattack","tag-telecom-networks","tag-volt-typhoon"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.9 (Yoast SEO v23.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The Cyberthreats from China are Ongoing: U.S. Officials - Security Boulevard<\/title>\n<meta name=\"description\" content=\"Chinese-back threat groups are still inside the critical infrastructure networks they&#039;ve infiltrated, including those of major telecoms.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Cyberthreats from China are Ongoing: U.S. Officials\" \/>\n<meta property=\"og:description\" content=\"U.S. officials are pushing back at the ongoing threats posted by Chinese state-sponsored hackers like Volt Typhoon and Salt Typhoon, which have infiltrated critical infrastructure organizations to steal information and preposition themselves in case of a conflict breaking out between the two countries.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Boulevard\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/groups\/24445075146\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-25T12:32:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"330\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jeffrey Burt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@securityblvd\" \/>\n<meta name=\"twitter:site\" content=\"@securityblvd\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/\",\"url\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/\",\"name\":\"The Cyberthreats from China are Ongoing: U.S. Officials - Security Boulevard\",\"isPartOf\":{\"@id\":\"https:\/\/securityboulevard.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg\",\"datePublished\":\"2024-11-25T12:32:00+00:00\",\"dateModified\":\"2024-11-25T12:32:00+00:00\",\"author\":{\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a\"},\"description\":\"Chinese-back threat groups are still inside the critical infrastructure networks they've infiltrated, including those of major telecoms.\",\"breadcrumb\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#primaryimage\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg\",\"width\":770,\"height\":330,\"caption\":\"China, threats, scams, CISA TP-Link Volt Typhoon Salt Typhoon\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityboulevard.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\/\/securityboulevard.com\/category\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Network Security\",\"item\":\"https:\/\/securityboulevard.com\/category\/blogs\/network-security\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"The Cyberthreats from China are Ongoing: U.S. Officials\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityboulevard.com\/#website\",\"url\":\"https:\/\/securityboulevard.com\/\",\"name\":\"Security Boulevard\",\"description\":\"The Home of the Security Bloggers Network\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityboulevard.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a\",\"name\":\"Jeffrey Burt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg\",\"caption\":\"Jeffrey Burt\"},\"description\":\"Jeffrey Burt has been a journalist for more than three decades, writing about technology since 2000. He\u2019s written for a variety of outlets, including eWEEK, The Next Platform, The Register, The New Stack, eSecurity Planet, and Channel Insider.\",\"url\":\"https:\/\/securityboulevard.com\/author\/jeffrey-burt\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The Cyberthreats from China are Ongoing: U.S. Officials - Security Boulevard","description":"Chinese-back threat groups are still inside the critical infrastructure networks they've infiltrated, including those of major telecoms.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/","og_locale":"en_US","og_type":"article","og_title":"The Cyberthreats from China are Ongoing: U.S. Officials","og_description":"U.S. officials are pushing back at the ongoing threats posted by Chinese state-sponsored hackers like Volt Typhoon and Salt Typhoon, which have infiltrated critical infrastructure organizations to steal information and preposition themselves in case of a conflict breaking out between the two countries.","og_url":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/","og_site_name":"Security Boulevard","article_publisher":"https:\/\/www.facebook.com\/groups\/24445075146\/","article_published_time":"2024-11-25T12:32:00+00:00","og_image":[{"width":770,"height":330,"url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg","type":"image\/jpeg"}],"author":"Jeffrey Burt","twitter_card":"summary_large_image","twitter_creator":"@securityblvd","twitter_site":"@securityblvd","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/","url":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/","name":"The Cyberthreats from China are Ongoing: U.S. Officials - Security Boulevard","isPartOf":{"@id":"https:\/\/securityboulevard.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#primaryimage"},"image":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#primaryimage"},"thumbnailUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg","datePublished":"2024-11-25T12:32:00+00:00","dateModified":"2024-11-25T12:32:00+00:00","author":{"@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a"},"description":"Chinese-back threat groups are still inside the critical infrastructure networks they've infiltrated, including those of major telecoms.","breadcrumb":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#primaryimage","url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg","contentUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg","width":770,"height":330,"caption":"China, threats, scams, CISA TP-Link Volt Typhoon Salt Typhoon"},{"@type":"BreadcrumbList","@id":"https:\/\/securityboulevard.com\/2024\/11\/the-cyberthreats-from-china-are-ongoing-u-s-officials\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityboulevard.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/securityboulevard.com\/category\/blogs\/"},{"@type":"ListItem","position":3,"name":"Network Security","item":"https:\/\/securityboulevard.com\/category\/blogs\/network-security\/"},{"@type":"ListItem","position":4,"name":"The Cyberthreats from China are Ongoing: U.S. Officials"}]},{"@type":"WebSite","@id":"https:\/\/securityboulevard.com\/#website","url":"https:\/\/securityboulevard.com\/","name":"Security Boulevard","description":"The Home of the Security Bloggers Network","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityboulevard.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a","name":"Jeffrey Burt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/","url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg","contentUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg","caption":"Jeffrey Burt"},"description":"Jeffrey Burt has been a journalist for more than three decades, writing about technology since 2000. He\u2019s written for a variety of outlets, including eWEEK, The Next Platform, The Register, The New Stack, eSecurity Planet, and Channel Insider.","url":"https:\/\/securityboulevard.com\/author\/jeffrey-burt\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/10\/China-Infiltrate-US.jpg","jetpack_shortlink":"https:\/\/wp.me\/p91vu9-8y2A","_links":{"self":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037480","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/users\/20461"}],"replies":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/comments?post=2037480"}],"version-history":[{"count":1,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037480\/revisions"}],"predecessor-version":[{"id":2037481,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037480\/revisions\/2037481"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media\/1786176"}],"wp:attachment":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media?parent=2037480"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/categories?post=2037480"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/tags?post=2037480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}