China’s Salt Typhoon Hackers Infiltrated US National Guard for a Year

Summary
– The FBI’s Jeffrey Epstein prison video analysis revealed approximately 2 minutes and 53 seconds were removed from one of two stitched-together clips, though no evidence of deceptive manipulation was found.
– The DHS is under scrutiny for adding DNA samples from 133,000 migrant children to a criminal database, while sensitive adoption data was exposed online.
– Roblox introduced AI-powered age verification via video selfies, as deepfake and AI “nudify” platforms gain traction, raising privacy concerns.
– Chinese hacking group Salt Typhoon breached a US state National Guard network for months, potentially compromising data to target other states’ systems.
– A critical vulnerability in US train braking systems, unrepaired since 2005, exposes freight trains to potential hacker-triggered derailments.
– Google is suing Chinese cybercriminals behind the BadBox 2.0 botnet, which infected 10 million Android TVs before sale for click-fraud and proxy schemes.
– The Trump administration is developing a system to give ICE near-real-time access to taxpayer data, bypassing IRS safeguards and raising privacy law concerns.

A sophisticated Chinese hacking group infiltrated US National Guard systems for nearly a year, exposing vulnerabilities in military networks while raising alarms about potential broader cyberespionage threats. Security experts warn the breach could provide Beijing with critical intelligence to target other state-level defense units and their cybersecurity partners.
Recent revelations confirm that Salt Typhoon, a state-sponsored Chinese cyberespionage unit, successfully penetrated a state National Guard network between March and December last year. While the exact location remains undisclosed, leaked Department of Homeland Security documents indicate the hackers likely harvested sensitive data that could facilitate further intrusions into military and government systems. This follows earlier reports of the group compromising US telecom infrastructure, including real-time surveillance of political figures.
Meanwhile, privacy concerns escalate as the Trump administration advances plans to grant Immigration and Customs Enforcement (ICE) near-instant access to taxpayer records, including home addresses. Internal documents reveal a proposed automated system bypassing traditional IRS safeguards, prompting backlash from civil liberties advocates who argue it could violate privacy laws and accelerate deportations.
In another alarming development, a decades-old flaw in US rail systems leaves freight trains vulnerable to cyberattacks that could trigger unauthorized braking or even derailments. Researchers discovered the vulnerability, first reported in 2005, remains unpatched, exposing critical infrastructure to potential sabotage. The Cybersecurity and Infrastructure Security Agency has issued warnings, but a full replacement of affected systems won’t begin until next year.
On the consumer front, Google is taking legal action against Chinese cybercriminals behind the “BadBox 2.0” botnet, which infected millions of Android-powered TVs before they reached buyers. The malware-enabled devices were exploited in large-scale click fraud and proxy schemes, marking one of the largest IoT botnets ever uncovered.
These incidents highlight growing cybersecurity risks across government, infrastructure, and consumer technology, underscoring the need for stronger defenses against increasingly bold cyber threats.
(Source: Wired)