An American state's Army National Guard network was thoroughly hacked by a Chinese cyberespionage group nicknamed "Salt Typhoon," according to a Department of Homeland Security memo.
The memo obtained by Property of the People, a national security transparency nonprofit, said the hackers "extensively compromised" the unnamed state Army National Guard's network between March and December 2024 and exfiltrated maps and "data traffic" with counterparts' networks in "every other US state and at least four US territories."
The National Guard and the Department of Homeland Security's cyber defense arm, CISA, did not immediately return messages.
News of the memo was first reported by NBC News.
Salt Typhoon has emerged as one of the top concerns of American cyber defenders.
US officials allege that the hacking group is doing more than just gathering intelligence; it is prepositioning itself to paralyse US critical infrastructure in case of a conflict with China. Beijing has repeatedly denied being behind the intrusions.
The memo, which said it drew on reporting from the Pentagon, said that Salt Typhoon's success in compromising states' Army National Guard networks nationwide "could undermine local cybersecurity efforts to protect critical infrastructure," in part because such units are often "integrated with state fusion centers responsible for sharing threat information—including cyber threats."
.png&w=100&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
