Salt Typhoon Hacked National Guard for Nearly a Year…. WTF??

It is being reported that the Department of Defense has found that Salt Typhoon, an elite Chinese cyberspy group, hacked at least one US state’s National Guard network for nearly a year. Rather than quote anything, click the link and read for yourself. It will blow your mind.

Ensar Seker, CISO at SOCRadar:

“The revelation that Salt Typhoon maintained access to a U.S. National Guard network for nearly a year is a serious escalation in the cyber domain. This isn’t just an opportunistic intrusion. It reflects deliberate, long-term espionage designed to quietly extract strategic intelligence. The group’s sustained presence suggests they were gathering more than just files; they were likely mapping infrastructure, monitoring communication flows, and identifying exploitable weak points for future use. What’s deeply concerning is that this activity went undetected for so long in a military environment. It raises questions about visibility gaps, segmentation policies, and detection capabilities in hybrid federal-state defense networks. It’s another reminder that advanced persistent threat actors like Salt Typhoon are not only targeting federal agencies but also state-level components where the security posture might be more varied.”

Erich Kron, Security Awareness Advocate at KnowBe4:

“In a time where we are often fooled into thinking cybercrime means somebody telling us that we missed jury duty, or convincing our loved ones of a long-distance romantic relationship, we sometimes miss the fact that this is more than a game and is played at the nation state level. Cybercrime has real dangers for real people and real governments as well.”

“The Typhoon groups, several different alleged Chinese-backed cybercrime groups that carry the ‘Typhoon’ moniker as part of their name, have been known to be very stealthy and very effective. This is just another example of the trouble they can cause and danger that they pose. While this was at the state level with the National Guard, it still goes to demonstrate that even our military forces are at risk from these cybercrime groups. As we’ve seen in several recent conflicts, cyberattacks play a critical role in military actions, often being coordinated with boots-on-the-ground actions as well.”

“These criminal groups must be taken seriously, which means that everyone, from senior government leadership to the average citizen, needs to be at least somewhat aware of the threats, how to spot them, and who to report them to. Whether it’s stealing money from individuals to fund other operations, or trying to cripple infrastructure through cyberattacks, these bad actors are a clear and present danger.”

The fact that this group was able to basically stroll into this environment, pitch a tent, start a campfire and stay there for an entire year is crazy. It really shows that organizations seriously need to try harder to keep the bad guys out. Because who knows what these threat actors were able to do with the access that they had.
