The US Department of Defense (the Pentagon) has revealed a widespread cyber breach targeting the National Guard network in at least one US state, carried out by the advanced Chinese espionage group known as "APT Salt Typhoon".
This breach lasted for over a year, from March 2024 to December 2024, raising serious concerns about the theft of sensitive military and law enforcement-related information.
A secret memo issued by the Department of Homeland Security last June confirms that the hackers managed to penetrate deeper into the network than previously thought, without disclosing the name of the affected state.
A spokesperson for the National Guard Bureau stated that the attack did not disrupt the National Guard's missions, while investigations are ongoing to determine the extent of the damage accurately.
The Department of Defense has not yet issued an official comment, while the Chinese embassy in Washington has denied the accusations against the Chinese government, emphasizing that cyber attacks pose a common threat to all countries and that the US has not provided conclusive evidence.
The "APT Salt Typhoon" group is known for its long record of carrying out sophisticated cyber attacks, having successfully breached major companies like AT&T and Verizon last year, in addition to spying on high-profile US election campaigns, including those of Donald Trump and Kamala Harris, as well as the Senate Majority Leader's office.
Since National Guard units operate under state authority and collaborate with local law enforcement agencies, this breach carries added risk, as it could allow the "APT Salt Typhoon" hackers to access other organizations.
Estimates from the Department of Homeland Security suggest that the information obtained by the hackers could assist Beijing in breaching National Guard units in other states, especially given the intelligence-sharing centers between 14 states.
The hackers also gained access to geographic location maps, network design diagrams, and personal information of service members.
The "APT Salt Typhoon" attack is considered among the complex attacks that are difficult to eliminate, as the hackers sometimes remain in breached networks for up to 3 years.
Last January, the US Treasury Department imposed sanctions on a Chinese company accused of supporting these operations, reflecting the seriousness and persistence of the threat the "APT Salt Typhoon" group poses to US national security.