Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network (securityaffairs.com)
from Hotznplotzn@lemmy.sdf.org to cybersecurity@infosec.pub on 18 Jul 05:11
https://lemmy.sdf.org/post/38773577

cross-posted from: lemmy.sdf.org/post/38773576

A DoD report warns that China-nexus hacking group Salt Typhoon breached a U.S. state’s Army National Guard network from March to December 2024. The APT stole network configs, admin credentials, and data exchanged with units across all U.S. states and several territories. This info could help future hacks and weaken state-level defenses against Chinese cyberattacks during crises, posing serious risks to U.S. critical infrastructure.

“A recent compromise of a US state’s Army National Guard network by People’s Republic of China (PRC)-associated cyber actors—publicly tracked as Salt Typhoon—likely provided Beijing with data that could facilitate the hacking of other states’ Army National Guard units, and possibly many of their state-level cybersecurity partners. If the PRC-associated cyber actors that conducted the hack succeeded in the latter, it could hamstring state-level cybersecurity partners’ ability to defend US critical infrastructure against PRC cyber campaigns in the event of a crisis or conflict.” reads a report first seen by NBC News.

The report includes details on the tactics, techniques and procedures (TTPs) used by Salt Typhoon, along with guidance to help National Guard and state governments detect, prevent, and mitigate this threat.

#cybersecurity
