this post was submitted on 17 Jan 2025

cross-posted from: https://beehaw.org/post/18055307

Archived link

Beijing's Salt Typhoon cyberspies had been seen in US government networks before telcos discovered the same foreign intruders in their own systems, according to CISA boss Jen Easterly.

Speaking at a Foundation for Defense of Democracies (FDD) event on Wednesday, the agency director said her threat hunters detected the Chinese government goons in federal networks before the far-reaching espionage campaign against people's telecommunications providers had been found and attributed to Salt Typhoon.

"We saw it as a separate campaign, called it another goofy cyber name, and we were able to, based on the visibility that we had within the federal networks, connect some dots," and tie the first set of snoops to the same crew that burrowed into AT&T, Verizon, and other telecoms firms' infrastructure, Easterly noted.

By compromising those telcos – specifically, the systems that allow the Feds to lawfully monitor criminal suspects [the U.S. Wiretap system] – Salt Typhoon had the capability to geolocate millions of subscribers, access people's internet traffic, and record phone calls at will.

This visibility into federal government networks, combined with private-industry tips coming into CISA, led to the FBI and other law enforcement agencies obtaining court-approved access to Salt-Typhoon-leased virtual private servers.

"That then led to cracking open the larger Salt Typhoon piece," Easterly said.

Still, she cautioned, "what we have found is likely just the tip of the iceberg" when it comes to Chinese intrusions into American critical infrastructure.

"China is the most persistent and serious cyber threat to the nation and to our national critical infrastructure," Easterly warned, adding that Salt Typhoon isn't her biggest worry when it comes to Middle Kingdom cyberthreats.

[...]

The public later learned that the same PRC-backed crew had compromised at least one large US city's emergency services network, been conducting reconnaissance on "multiple" American electric companies, and was still lurking inside power, water, and comms systems, preparing to "wreak havoc" on American infrastructure and "cause societal chaos" in the US.
