Salt Typhoon Attack Shows Us World Governments Are Woefully Ill-Equipped To Handle Cyber Espionage

• Salt Typhoon, a hacking group reportedly sponsored by the Chinese government, is continuing its widespread cyberattack on the U.S. and other countries.
• The cyberattack has highlighted the weaknesses in the cyber defenses being adopted by world governments.
• According to a QBE report, the number of destructive global cyberattacks occurring each year will increase by 105% by the end of 2024.

The recent Chinese attack on several U.S. telecommunication providers, which was labeled the worst telecom attack in the country’s history, highlights the fragility of cyber defenses that protect global governments.

As U.S. citizens are being warned against sending text messages and America’s cyber team continues to fight off the attack, officials remain concerned that China still has the power to spy on millions of Americans.

Salt Typhoon Attackers Continue to Breach U.S. Telecoms Despite Sanctions

Salt Typhoon, a hacking group reportedly sponsored by the Chinese government, is continuing to breach telecommunications providers in the U.S., according to new security research .

A February report from Recorded Future said the intelligence firm found Salt Typhoon, which it calls RedMike, continued to compromise five telecom providers between December 2024 and January 2025.

In January, the U.S. government sanctioned several companies it found to be linked to the group, including Chinese cybersecurity firm Sichuan Juxinhe Network Technology.

However, researchers at Recorded Future believe this is not enough to stop Salt Typhoon from continuing to target telecom providers globally.

“Despite significant media coverage and U.S. sanctions, RedMike continues to compromise telecommunications providers globally, including in the US,” Recorded Future wrote.

The cyber intelligence firm did not disclose which telecom providers had been hit but said they included leading companies in the U.K., U.S., Italy and South Africa.

Salt Typhoon’s Attack on U.S.

The U.S. government in December that Salt Typhoon had penetrated at least eight telecom firms, the Associated Press reported .

According to the FBI, the hacking group used their access to target customers’ metadata.

This followed earlier reports that the group had hacked into several of the country’s internet providers.

Security officials have been working to clean the infiltrated systems of bad actors. However, Jeff Greene, executive assistant director for cybersecurity at CISA, told a media press briefing it was “impossible” to evict all of the hackers.

Senator Mark Warner, chairman of the Senate Intelligence Committee, told The Washington Post this was the “worst telecom hack in our nation’s history — by far.”

In a statement to the Associated Press , a spokesperson from China’s embassy said:

 “The U.S. needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China.”

The Chinese government has denied any involvement in the cyberattacks.

Citizens Urged Not to Send Text Messages

The ongoing Salt Typhoon attack has sparked an urgent warning from officials to refrain from sending text messages as the incident continues.

Jeff Greene, executive assistant director for cyber security at CISA, told reporters that they suggest citizens use encrypted communications, such as on messaging apps on WhatsApp.

“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication.”

The attack on U.S. communication systems is understood to have been going on for around two years.

Why Are Governments Struggling?

Over the past few years, the proliferation of cyberattacks on governments has increased alarmingly.

According to a September QBE report , the number of disruptive and destructive global cyberattacks taking place each year will increase by 105% by the end of 2024.

It comes as governments worldwide continue to struggle with the growing complexity and scale of digital attacks.

“The cyber battleground continues to expand, and there is an increasing global concern, particularly towards government agencies,” Spencer Starkey, Executive VP of EMEA at cybersecurity leaders SonicWall, told CCN.

“In a divisive landscape, we’re seeing a continued geo-migration of threats, and governments are under constant cyber threat.”

Starkey said that recent cyberattacks raise concerns about the safety of critical national infrastructure and sensitive information.

This is more concerning because the rapid digitization of public services has generated more potential entry points for attackers.

Dan O’Dowd, President and CEO of Green Hills Software and Founder of The Dawn Project, told CCN that critical infrastructure “is reliant on connected systems built on defective software.”

“The dangers of deploying commercial grade software in critical infrastructure cannot be understated.”

“The immense body of software developed using Silicon Valley’s ‘move fast and break things’ culture means that the software our lives depend on is riddled with defects and vulnerabilities, which can be exploited by hackers,” he added.

The World Economic Forum has also pointed to a worrying skills gap in cybersecurity professionals, which is adding to the fragility of the world’s digital defense. The agency said a global talent shortage in the cybersecurity industry could reach 85 million workers by 2030.

To protect against cyberattacks, it is “imperative for decision-makers to prioritize cybersecurity talent management as a strategic necessity,” the Forum said.