Yazılar

Viasat Confirmed as Victim of Chinese Salt Typhoon Cyberespionage Campaign

/in /tarafından

Satellite communications firm Viasat Inc has been identified as a victim of the Salt Typhoon cyberespionage operation linked to China during the 2024 U.S. presidential campaign, Bloomberg News reported on Tuesday, citing sources familiar with the investigation.

The breach was discovered earlier this year. Viasat, working alongside a government investigation and an independent cybersecurity partner, found evidence of unauthorized access through a compromised device but stated there was no evidence of customer data being affected.

“Viasat believes that the incident has been remediated and has not detected any recent activity related to this event,” the company said in a statement.

U.S. officials have previously accused Salt Typhoon hackers of breaching multiple telecom companies—including Verizon, AT&T, and Lumen—stealing sensitive telephone audio intercepts and extensive call records. In December, the government added a ninth unnamed telecom firm to the list of victims, revealing the hackers had broad network access to track millions of individuals and record phone calls.

Reportedly, Salt Typhoon targeted individuals connected to both major presidential campaigns, including those of Democrat Kamala Harris and Republican Donald Trump.

China has denied the allegations, labeling them as disinformation and asserting Beijing’s opposition to cyberattacks and cyber theft.

Meta’s Lawsuit Against NSO Unveils Rare Details of Global Spyware Industry

/in /tarafından

Meta’s $168 million court victory against Israeli spyware maker NSO Group has not only concluded a protracted six-year legal battle but also offered an unprecedented look into the shadowy world of cyberespionage, where elite surveillance tools come with multimillion-dollar price tags and state-level buyers.

A California federal jury found NSO guilty of unlawfully hacking WhatsApp servers to target users on behalf of foreign intelligence agencies, awarding Meta both compensatory and punitive damages. The lawsuit, first filed in 2019, became a landmark case for digital privacy advocates and a rare legal showdown against a prominent spyware firm.

Top-Tier Spyware Comes at a High Cost

Testimony revealed that NSO charged European clients about $7 million for access to its spyware platform capable of hacking up to 15 devices simultaneously. For additional capabilities—like hacking phones outside of a client’s national borderscustomers paid up to $2 million more, according to Sarit Bizinsky Gil, NSO’s VP of global business operations.

Meta’s attorney Antonio Perez called the software highly sophisticated” and “extremely expensive,” underscoring the elite and dangerous nature of such tools.

Thousands of Devices Compromised

Between 2018 and 2020, NSO broke into thousands of devices, according to Tamir Gazneli, the company’s VP of R&D. He downplayed the term “spyware,” insisting the tools were used for “intelligence gathering,” not spying on people. In a tense exchange, Perez asked, You don’t consider the targets people, Mr. Gazneli?”a question that revealed how NSO distances itself from the ethical weight of its clients’ actions.

U.S. Agencies Paid Millions

Court records showed that the CIA and FBI collectively paid NSO $7.6 million. While prior media reports suggested U.S. involvement, this trial provided the first official financial confirmation, including a CIA-backed spyware purchase for Djibouti and FBI testing efforts.

NSO Continued Hacking During Litigation

Meta alleged that NSO continued to target WhatsApp servers even after the lawsuit was filed, saying the firm poses a significant threat of ongoing and prospective harm.” Meta is now seeking a permanent injunction to block NSO from accessing its platforms.

This case has not only highlighted the legal vulnerabilities of spyware vendors but also peeled back layers of secrecy surrounding government surveillance contracts, client relationships, and the massive scale of digital intrusions involved.

AT&T and Verizon Acknowledge Salt Typhoon Cyberespionage, Networks Secured

/in /tarafından

AT&T and Verizon confirmed on Saturday that their systems were targeted by Salt Typhoon, a Chinese-linked cyberespionage operation, but assured the public that their U.S. networks are now secure. Both companies are collaborating with law enforcement and government agencies to assess and mitigate any remaining risks.

An AT&T spokesperson stated, “We detect no activity by nation-state actors in our networks at this time.” They added that the People’s Republic of China targeted a small group of individuals with foreign intelligence value. While only limited information was compromised, AT&T continues to monitor and remediate its networks to safeguard customer data.

Verizon, in its statement, reported similar containment efforts. Chief Legal Officer Craig Silliman said, “We have not detected threat actor activity in Verizon’s network for some time, and after considerable work addressing this incident, we can report that Verizon has contained the activities associated with this particular incident.” The containment has been independently verified by a respected cybersecurity firm.

The U.S. Department of Defense and Federal Communications Commission have not commented on the incident. However, on Friday, officials added a ninth unnamed telecom company to the list of victims. Hackers affiliated with Salt Typhoon allegedly gained extensive access to telecom networks, enabling them to geolocate millions of individuals and intercept phone calls at will.

Chinese officials have dismissed such allegations as disinformation, maintaining that Beijing opposes cyberattacks in all forms. Previous reports linked the Salt Typhoon operation to theft of telephone audio intercepts and call record data from companies like AT&T, Verizon, and Lumen.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) responded to the breach on Dec. 18 by recommending that senior government and political figures transition to end-to-end encrypted communication apps. High-profile targets of Salt Typhoon reportedly included individuals associated with Vice President Kamala Harris and former President Donald Trump’s campaigns.

Lawmakers expressed bipartisan concern over the severity of the breach. Senator Ben Ray Luján (D-NM) described it as “the largest telecommunications hack in our nation’s history,” while Senator Ted Cruz (R-TX) emphasized the urgent need to address vulnerabilities in the nation’s communications networks.

The Salt Typhoon hack has raised alarm over the scale and impact of Chinese cyberattacks on U.S. telecommunications. Both companies and government agencies face mounting pressure to assure the public about the security of the nation’s critical communication infrastructure.