The FBI has issued a public appeal for information concerning an ongoing cyber campaign targeting US telecommunications infrastructure, attributed to actors affiliated with the People’s Republic of China (PRC). This cyber operation, tracked under the moniker Salt Typhoon, has compromised networks at multiple US telecommunications companies and resulted in the theft of sensitive data. As the investigation continues, the FBI is calling on the public to help identify individuals involved in these malicious activities.
The Scope of the Salt Typhoon Campaign
The Salt Typhoon operation, which has been under investigation for several months, is part of a broader campaign by PRC-affiliated threat actors seeking to exploit vulnerabilities in critical US telecommunications infrastructure. The FBI’s ongoing probe into these activities, officially marked under alert number I-042425-PSA, has revealed that attackers have gained access to vast amounts of data.
This includes call data logs, private communications involving government officials and political figures, and select information requested by US law enforcement through court orders. The investigation indicates a global scope, with the malicious actors potentially targeting individuals and organizations worldwide.
Previous FBI and Government Alerts on Salt Typhoon
The FBI has previously alerted the public to this threat with joint statements from the Cybersecurity and Infrastructure Security Agency (CISA) and other government agencies on October 25, 2024, and November 13, 2024. On December 3, 2024, a comprehensive guide titled Enhanced Visibility and Hardening Guidance for Communications Infrastructure was released, providing critical advice for telecommunications providers to upgrade defenses against PRC-affiliated cyber threats.
FBI’s Ongoing Commitment to Disrupting Salt Typhoon
In response to this cybersecurity challenge, the FBI continues to work closely with industry partners and US government agencies to mitigate the damage caused by Salt Typhoon. As part of its efforts, the FBI is seeking specific information that could lead to the identification of the individuals responsible for this campaign. The agency urges those with knowledge of these activities to come forward and provide any relevant details.
Rewards for Justice Program: Up to $10 Million for Tips
In addition to the FBI’s request, the U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information that leads to the identification of individuals linked to foreign government-directed cyberattacks on US critical infrastructure. This initiative highlights the US government’s commitment to identifying and prosecuting those involved in cyber espionage and other malicious activities in violation of the Computer Fraud and Abuse Act (CFAA).
Data Theft and Espionage Linked to PRC-affiliated Hackers
The Salt Typhoon campaign has already been linked to several large-scale incidents where PRC-affiliated actors infiltrated commercial telecommunications infrastructure to steal data. The targets of this espionage effort have largely been individuals connected to government and political activities, though the full extent of the damage continues to unfold. The FBI and CISA have been providing technical assistance to affected companies, sharing information to help other potential victims protect themselves.
Strengthening Cyber Defenses in the Telecommunications Sector
The FBI is working alongside other international agencies to enhance the visibility and resilience of the global telecommunications sector. Notably, the US has also collaborated with agencies in Australia, Canada, and New Zealand, sharing insights into defensive measures and strengthening global cybersecurity efforts. These coordinated actions are aimed at reducing the vulnerability of critical telecommunications infrastructure worldwide to Salt Typhoon and other cyber threats.
As of the latest updates, PRC-affiliated hackers have exploited pre-existing vulnerabilities in telecommunications infrastructure. Their ability to exploit these weaknesses underlines the importance of proactive network monitoring and the need for organizations to implement rigorous security measures. The FBI has urged telecommunications companies to closely scrutinize network configurations, monitor unusual behavior, and employ strong encryption methods to protect sensitive data from future compromises.
Conclusion
Organizations that suspect they have been targeted by Salt Typhoon or similar campaigns are urged to contact their local FBI field offices immediately. Individuals with information on the identities or activities of those behind Salt Typhoon can report their tips securely through the FBI’s Internet Crime Complaint Center (IC3) or the Rewards for Justice program’s secure channels.
As the investigation continues, authorities emphasize the importance of ongoing collaboration between government agencies and the private sector to protect US telecommunications networks from further cyber threats.
