The public first heard the name of Chinese threat actor “Salt Typhoon” on September 25, 2024, when the Wall Street Journal published an article titled “China-Linked Hackers Breach US Internet Providers in New ‘Salt Typhoon’ Cyber Attack.” Many of us were not expecting another typhoon to blow in so quickly. We were still trying to understand Flax Typhoon, which had been revealed barely a week before. Since then, reporting of the Salt Typhoon threat actor has flooded the media. We have been gradually learning the magnitude of the threat actor and its impact. However, as the Natto Team observes how Salt Typhoon stories have unfolded, we have more questions than answers, as we always do.

Share

Salt Typhoon Intrusion Reporting Driven by Media Reports 

Unlike most cyber intrusion cases – which are often revealed and tracked by cybersecurity firms based on telemetry data – this time it was a media outlet, the Wal…