
On Wednesday, the US and 12 allied nations reported that Chinese government-backed hackers have been working for years to break into critical infrastructure and government computer networks worldwide. This campaign, which includes the Salt Typhoon group, has struck over 80 countries, with over 200 in the US alone.
These attacks expose severe threats in supply chain cybersecurity, with attackers hitting major telecommunication and transport industry networks. Such access lets Chinese intelligence track communications and the movement of individuals globally. This is a sophisticated threat that requires strict security measures and international cooperation.
Sophisticated Techniques Behind the Cyber Attacks
The Salt Typhoon team and their allies use advanced methods to intrude into networks and steal data quietly. Their strategy includes decoding network traffic to capture administrator credentials and modifying routers to maintain permanent access to systems. The advisory reveals how the hackers mostly target large backbone routers hosted by major telecom operators, as well as other devices close to their victims.
Google Threat Intelligence Group’s lead analyst, John Hultquist, explained how the hackers’ knowledge of telecommunication systems gives them an advantage.
These practices underscore the importance of supply chain risk mitigation. The advisory further recommends that organizations strengthen their defenses by adopting stronger cyber supply chain risk management practices and closely monitoring their networks for anomalous activity.
Cyber Attacks on Operational Technology
The campaign goes beyond garden-variety cyber snooping, with attacks against the operational technology that powers critical infrastructure.
By breaching telecom companies, attackers were able to vacuum up phone-call records, court-approved wiretap information, and other sensitive data. Such an IT supply chain compromise can expose the confidential communications and travel of targeted people.
“We are alarmed at the irresponsible behavior of the listed commercial enterprises in China that have enabled an unrestricted campaign of hostile cyber activity on a global basis,” said Richard Horne, CEO of the UK National Cyber Security Centre, expressing serious concern over Chinese business involvement.
“The expectation of privacy here was violated, not just in the U.S., but globally,” Brett Leatherman, assistant director of the FBI’s Cyber Division, told The Washington Post, emphasizing the scale and severity of this state-sponsored cyber-attack.
“This shows much more broad, indiscriminate targeting of critical infrastructure across the globe in ways that go well outside the norms of cyberspace operations.”
To mitigate supply chain risk, enterprises and governments are urged to establish a robust supply chain risk mitigation plan. This includes strengthening secure software development life cycles and safeguarding against software supply chain attacks that can provide hackers with backdoors.
“Information from these sectors can be used to develop a full picture of who someone is talking to, where they are, and where they are going,” John Hultquist, chief analyst at Google’s Threat Intelligence Group, added.
This initiative raises awareness of the need for effective cybersecurity supply chain risk management to protect global infrastructure from increasingly sophisticated threats.