Salt Typhoon reportedly breaches US congressional committee staff emails

Multiple U.S. congressional committee staffers were reported to have had their email accounts compromised by Chinese state-sponsored threat operation Salt Typhoon in a cyberespionage campaign initially detected last month, according to ITPro.

Aside from targeting House China Committee staffers, Kimsuky also set its sights on aides at the Armed Services Committee, Foreign Affairs Committee, and Intelligence Committee, noted sources close to the matter in reports from the Financial Times. Such a campaign, which comes after previous Kimsuky exploits aimed at leading U.S. telecommunications providers and a state National Guard Network, emphasizes the weakness of federal core communication systems, said Benjamin Schilz, CEO at Swiss software firm Wire.

"Regardless of whether lawmakers' emails were accessed, the fact this activity went undetected for years is deeply concerning. Persistent access of this nature creates the potential to intercept unencrypted communications, including calls, messages, and voicemails across the U.S. population, posing a serious national security risk," Schilz added.