Salt Typhoon's National Guard Breach Highlights Critical Week in Security
Salt Typhoon's Stealthy Assault on US National Guard
Chinese state-sponsored hacking group Salt Typhoon maintained unauthorized access to a US state National Guard network for nearly a year (March-December 2023), according to a Department of Homeland Security memo obtained by transparency nonprofit Property of the People. The breach—following Salt Typhoon's earlier compromise of US telecom systems—potentially exposed data enabling further attacks against National Guard units nationwide.
"This likely provided Beijing with data that could facilitate the hacking of other states’ Army National Guard units, and possibly many of their state-level cybersecurity partners," the DHS warned.
Critical Infrastructure at Risk: 20-Year-Old Train Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) disclosed a critical vulnerability in train braking systems that has gone unaddressed since 2005. The flaw allows unauthenticated commands to be sent between head-of-train (HOT) and end-of-train (EOT) devices, enabling attackers to trigger brakes, disrupt networks, or cause derailments. Replacement of the tens of thousands of vulnerable devices won't begin until 2025.
Government Data Controversies
- IRS/ICE Data Pipeline: Internal blueprints reveal plans to grant Immigration and Customs Enforcement (ICE) real-time access to taxpayer addresses and sensitive data, bypassing traditional privacy safeguards.
- Migrant DNA Database: DHS faces scrutiny for adding DNA samples from ~133,000 migrant minors to a criminal database.
Significant Data Exposures
- Adoption Records: Researcher Jeremiah Fowler discovered 2+ GB of sensitive adoption data—including biological/adoptive parent and child details—publicly accessible online.
- Roblox Biometrics: The platform's new "Trusted Connections" feature uses AI analysis of teen video selfies for age verification, raising privacy concerns.
- AI Exploitation: Deepfake and "nudify" platforms leveraging US tech generate millions in revenue from non-consensual imagery.
Major Cybercrime Operations
Google filed suit against Chinese operators of the BadBox 2.0 botnet—10+ million Android TVs pre-infected with malware before sale. The botnet enabled proxy services and ad fraud at unprecedented scale.
Evidence Integrity Questions
Metadata analysis revealed 2 minutes 53 seconds missing from "raw" FBI-posted Jeffrey Epstein prison footage, though no evidence of deceptive manipulation was found.
These incidents—spanning state espionage, critical infrastructure neglect, and systemic privacy failures—paint a stark picture of evolving threats demanding urgent, coordinated responses across public and private sectors.
Source: WIRED