Viasat, the US-based global communications company, on Tuesday, has been identified as one of the US telecom companies breached by the Chinese-backed espionage group Salt Typhoon in the lead up to the US presidential elections held last November.
Apparently, Viasat discovered the intrusion sometime this year, according to Bloomberg News, which first reported the story.
Salt Typhoon, a known nation-state adversary and Advanced Persistent Threat (APT) group sponsored by the Chinese government, made headlines last September after the US government discovered the group had breached more than half a dozen of the nation’s commercial telecoms infrastructure, including major companies such as Verizon, AT&T, T-Mobile, and Lumen Technologies.
The phone records of then-President-elect Donald Trump and running mate JD Vance, as well as some Kamala Harris campaign staffers, were all targeted by the group during the 2024 presidential campaign through Verizon.
Speaking to people familiar wth the matter, Bloomerg said Viasat has been working with the government in the aftermath.
The California-based high-speed satellite broadband provider supplies its services not only to private residences but also provides secure networking systems to the government and military sector, the aviation industry, and the oil and gas industry, among other commercial sectors.
The company confirmed the hack in a statement released Tuesday, noting that the investigation was deemed too sensitive to share details, but did state that none of its client data was compromised.
“Viasat and its independent third-party cybersecurity partner investigated a report of unauthorized access through a compromised device,” it said. “Upon completing a thorough investigation, no evidence was found to suggest any impact to customers.”
“Viasat believes that the incident has been remediated and has not detected any recent activity related to this event,” the company said.
The cyber incident is said to be unrelated to a 2022 Viasat cyberattack taking place in the months before the Russian invasion of Ukraine.
Salt Typhoon could still remain in systems
In December, US authorities added a ninth unnamed telecom company to the list of entities compromised by the hackers and said that the Chinese operatives gained access to networks with broad and full access, enabling them to "geolocate millions of individuals, to record phone calls at will," according to Reuters..
Salt Typhoon is also believed to be behind this February’s hack of the US Treasury Department, in which the threat actors were able to gain access to the laptops of some senior US officials.
Operating since 2020, the People’s Republic of China (PRC)-linked threat actors are said to be highly sophisticated, using anti-forensic and anti-analysis techniques that allow the group to go undetected for months.
It’s unclear how long Salt Typhoon had been lurking in the compromised telecom systems, but the FBI last year said that it's likely the threat group still remains in some of its victims.
Also known as GhostEmperor and FamousSparrow, the FBI warns that the “wide-ranging intelligence collection effort” is part of China’s ongoing cyber efforts to infiltrate US critical infrastructure.
Beijing has repeatedly denied any allegations of its involvement, calling the accusations disinformation.
Your email address will not be published. Required fields are markedmarked