Salt Typhoon is hacking the world’s phone and internet giants. Here’s everywhere that’s been hit.

Salt Typhoon is down 1 of the broadest hacking campaigns successful caller years, targeting immoderate of the world’s largest telephone and net companies and stealing tens of millions of telephone records astir elder authorities officials.

The hacking group, attributed to China, is portion of a wider clump of hackers with the corporate purpose of helping China hole for an eventual warfare with Taiwan, according to researchers. U.S. officials person called China’s imaginable penetration of Taiwan an “epoch-defining threat.” Much of the group’s efforts person focused connected hacking Cisco routers astatine the borderline of a company’s web to interruption in, and taking power of surveillance devices that U.S. telecom companies are legally required to instal to let instrumentality enforcement to show calls and messages.

While Salt Typhoon is focused connected hacking telecom infrastructure, different China-hacked groups similar Volt Typhoon are prepositioning for destructive cyberattacks susceptible of causing wide disruption; and Flax Typhoon runs a botnet of hijacked internet-connected devices for hiding the hackers’ malicious net traffic.

But Salt Typhoon is by acold 1 of the astir prolific hacking groups successful caller years, including targeting immoderate of the apical American telephone companies.

The hacks allowed China to get telephone records, substance messages, and captured telephone audio from elder U.S. officials, galore of whom were considered authorities targets of interest. This prompted the FBI to impulse Americans to switch to end-to-end encrypted messaging apps, fearing that their communications could beryllium eavesdropped connected by a overseas adversary.

Salt Typhoon went adjacent further, hacking at slightest 200 companies astir the world, according to FBI officials. The database of affected countries keeps growing.

Here are the countries that person attributed hacks to Salt Typhoon.

United States

Some of the apical U.S. telephone companies, including AT&T and Verizon, were confirmed hacked by Salt Typhoon, arsenic was net supplier CenturyLink (now Lumen). T-Mobile said it was targeted but that the hackers had nary entree to its customers’ calls, substance messages, oregon voicemails.

Satellite communications elephantine Viasat was besides compromised, allowing hackers to summation entree to tools utilized by instrumentality enforcement to entree the communications of others. 

Internet and information providers Charter Communications (Spectrum) and Windstream were besides named arsenic Salt Typhoon victims. Fiber web elephantine Consolidated Communications was reportedly hacked arsenic portion of the campaign.

The hackers didn’t conscionable people telephone and net providers. Per several reports, Salt Typhoon compromised the networks of a U.S. state’s National Guard, allowing them to bargain information and entree to different networks successful each different U.S. authorities and respective territories.

North and South America

According to security steadfast Recorded Future, its researchers person seen Salt Typhoon people Cisco devices associated with universities successful Argentina and Mexico and elsewhere. 

Meanwhile, the Canadian government confirmed that its apical telecommunications firms were hacked by China arsenic portion of Salt Typhoon’s extended espionage campaign. Canada besides confirmed respective Cisco routers astatine 1 telecom elephantine were hacked to bargain information from the company. 

The authorities successful Ottawa warned it saw targeting of companies that were “broader than conscionable the telecommunications sector.”

Trend Micro said it saw Salt Typhoon enactment successful Brazil, the astir populous state successful South America. 

Asia, Africa, and Oceania

Recorded Future said it’s seen Salt Typhoon targeting astatine slightest 1 Myanmar-based telecoms provider, Mytel, by mode of hacked Cisco routers, arsenic good arsenic a South African telecommunications provider. It’s besides seen attacks targeting routers of universities crossed Bangladesh, Indonesia, Malaysia, and Thailand.

Japan has besides warned of the menace of Salt Typhoon to its networks. 

Both the governments of Australia and New Zealand accidental they’ve seen Salt Typhoon enactment successful their telecom and captious infrastructure sectors. New Zealand said it besides saw Salt Typhoon hackers crossed the authorities sector, arsenic good arsenic transportation, lodging, and subject infrastructure networks.

Trend Micro besides said it recovered astatine slightest 20 compromised organizations crossed the telecoms, consulting, chemical, and proscription industries, arsenic good arsenic authorities agencies and non-profits successful assorted countries, including Afghanistan, Eswatini, India, Taiwan, and the Philippines.

Europe

The British authorities has confirmed that a “cluster of activity” from Salt Typhoon was seen crossed the United Kingdom. While the enactment wasn’t specified, news reporting suggests that elder U.K. authorities unit whitethorn person had their telephone records tapped and substance messages read.

Norway has also confirmed Salt Typhoon hacked respective organizations successful the country. 

Dutch authorities successful the Netherlands accidental that respective smaller net providers and web hosts were targeted and had entree to routers, their interior networks were not compromised.

An Italian net supplier was hacked, per Recorded Future.

And, according to Czech cybersecurity officials, incidents related to Salt Typhoon hacks person been witnessed successful Finland and Poland.