Multiple U.S. telecommunications providers compromised by Chinese state-backed threat group Salt Typhoon were noted by experts to unlikely expunge the threat from their networks, according to CyberScoop.
Aside from complications stemming from modern telecommunications networks and their identity solutions, inadequate cybersecurity measures have resulted in various pathways that could be exploited by threat actors, with Nemesis Global founder and CEO Gentry Lane noting that such a threat would be most effectively combated through early identification in the kill chain. Insufficient indicators of compromise for Salt Typhoon have also added to the challenges of threat hunters, said Censys principal security researcher Silas Cutler. "Those types of really targeted threat hunting [IOCs] to look for, I just haven't seen it with Salt Typhoon. I feel like there's not enough for me to hunt on regularly and reliably to be able to say, 'yeah, I think we have pretty good removal of this activity,'" Cutler added.
Aside from complications stemming from modern telecommunications networks and their identity solutions, inadequate cybersecurity measures have resulted in various pathways that could be exploited by threat actors, with Nemesis Global founder and CEO Gentry Lane noting that such a threat would be most effectively combated through early identification in the kill chain. Insufficient indicators of compromise for Salt Typhoon have also added to the challenges of threat hunters, said Censys principal security researcher Silas Cutler. "Those types of really targeted threat hunting [IOCs] to look for, I just haven't seen it with Salt Typhoon. I feel like there's not enough for me to hunt on regularly and reliably to be able to say, 'yeah, I think we have pretty good removal of this activity,'" Cutler added.
