“The Nationwide Guard is conscious of latest Division of Protection and Division of Homeland Safety reporting concerning the Peoples Republic of China-affiliated hacking group, Salt Storm, and their focusing on of Military Nationwide Guard networks between March and December 2024,” a Nationwide Guard’s spokesperson mentioned. “Whereas we can not present particular particulars on the assault or our response to it, we are able to say this assault has not prevented the Nationwide Guard from carrying out assigned state or federal missions, and that NGB continues to research the intrusion to find out its full scope. We’re taking this matter extraordinarily severely. Safety protocols are in place to mitigate additional danger and include any potential knowledge compromises, and the response is ongoing. We’re coordinating carefully with DHS and different federal companions.”
A part of a broader marketing campaign in opposition to vital infrastructure
The Nationwide Guard breach represents a part of a a lot bigger Salt Storm marketing campaign focusing on the US authorities and demanding infrastructure entities. Based on the memo, “In 2023 and 2024, Salt Storm additionally stole 1,462 community configuration information related to roughly 70 US authorities and demanding infrastructure entities from 12 sectors, together with Power, Communications, Transportation, and Water and Wastewater.”
These configuration information pose a big risk as a result of they “may allow additional laptop community exploitation of different networks, together with knowledge seize, administrator account manipulation, and lateral motion between networks,” the doc defined.
