“This is the ‘told you so’ moment we always feared,” one cybersecurity expert told reporters. “Backdoors don’t just let the good guys in. They’re open invitations for adversaries.”
FBI’s Advisory and Global Response
In a joint cybersecurity advisory PDF, the FBI and nearly two dozen international agencies warned that Salt Typhoon primarily targets backbone and edge routers in telecom networks.
Once inside, hackers modify routers to maintain persistent, long-term access, siphoning sensitive traffic and leveraging compromised devices to infiltrate additional networks.
The hackers’ activity overlaps with other known cyber threat groups, also tracked under names such as Operator Panda, RedMike, UNC5807, and GhostEmperor.
U.S. Officials Sound the Alarm
The severity of the breaches once prompted the FBI to recommend that Americans switch to encrypted messaging apps to protect calls and texts from interception.
Leatherman emphasized that the People’s Republic of China (PRC) state-sponsored actors continue to pose a threat across critical infrastructure sectors, including government, transportation, lodging, and even military networks.
