1. Forum
  2. FidoNet
  3. POLITICS

  • US Government says Salt T

    From Mike Powell@1:2320/105 to All on Wed Dec 4 11:33:00 2024
    US Government says Salt Typhoon still lurks on telecoms networks, shares some top tips to stay protected

    Date:
    Wed, 04 Dec 2024 14:00:00 +0000

    Description:
    Months after being spotted, Salt Typhoon is still lurking, CISA says.

    FULL STORY

    The US Cybersecurity and Infrastructure Security Agency (CISA) believes Salt Typhoon, the Chinese state-sponsored threat actor that was spotted in telecommunications giants networks months ago, is still lurking and hasnt
    been completely eradicated. To help organizations tackle this important
    threat, the agency released in-depth guidance earlier this week.

    Salt Typhoon is a known hacking collective, on payroll with the Chinese government. It is mostly engaged in cyber-espionage, targeting important entities and figures in the West, with infostealers and similar malware .

    It is part of a wider campaign that includes a number of other typhoons -
    Flax Typhoon, Volt Typhoon, and Brass Typhoon, that seeks not just to steal information, but also to disrupt critical infrastructure.

    Strengthening the network

    For months now, cybersecurity experts, government agents, and the media have been reporting on Salt Typhoons attacks on internet service providers, telecommunications firms, and similar companies. The targets have been
    working hard on cleaning up their IT systems, but according to CISA, theres still work to be done.

    That being said, the agency first suggests telecoms strengthen their network visibility and focus on monitoring, detecting, and understanding network activity. Then, the report discusses hardening systems and devices through protocols and management processes, device hardening, and access controls . Finally, it tackles incident reporting and provides detailed contact information for reporting cybersecurity incidents in the U.S., Australia, Canada, and New Zealand.

    Software manufacturers should embed security principles during development, CISA concluded, advocating for secure-by-design configurations, which should reduce reliance on customer hardening.

    Software manufacturers should prioritize secure by design configurations to eliminate the need for customer implementation of hardening guidelines, it said. Additionally, customers should demand that the software they purchase
    is secure by design.

    For any organization fearing being targeted by Salt Typhoon (or any other Typhoon, for that matter), CISAs guidance is a must-read.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/us-government-says-salt-typhoon-still-l urks-on-telecoms-networks-shares-some-top-tips-to-stay-protected

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)