CCP-Backed Hacking Operations Breach Hundreds of US Groups—What to Know

Udumbara Udumbara
Sep 4, 2025 - 09:56 Updated: Sep 4, 2025 - 03:05
0
CCP-Backed Hacking Operations Breach Hundreds of US Groups—What to Know

.

Federal law enforcement recently released a new advisory outlining the extent of Chinese state-backed hacking attempts against the United States and other nations.

The advisory outlines the previously unknown breadth and depth of several key cyberoperations backed by the Chinese Communist Party (CCP) and targeting the United States and other nations.

Here is what to know about the attacks.

Key CCP Cybercampaign Active Since 2019

Of key importance is the FBI’s acknowledgment that the Chinese hacking group known as Salt Typhoon has been active since at least 2019 and has infiltrated hundreds more organizations than previously known.
“Active since at least 2019, these actors conducted a significant cyber-espionage campaign, breaching global telecommunications privacy and security norms,” Brett Leatherman, head of the FBI’s Cyber Division, said in a pre-recorded statement.

“Beijing’s indiscriminate targeting of private communications demands our stronger collaboration with partners to identify and counter this activity at the earliest stages.”

The new advisory, jointly published on Aug. 27 by the Cybersecurity and Infrastructure Security Agency (CISA) and numerous international partners, augments a previous report released by the agency in 2024.
“[Communist China’s] state-sponsored cyber threat actors are targeting networks globally, including ... telecommunications, government, transportation, lodging, and military infrastructure networks,” the new advisory reads.

China’s Hackers Involved 

Hackers backed by the CCP have waged a cyberwar against the United States for years.
They have attempted to sabotage critical infrastructure, impersonate U.S. voters, and interfere in U.S. elections.
The Salt Typhoon hack first came to public view in autumn 2024, when then-vice presidential candidate JD Vance said Chinese hackers had breached his cellphone as part of the campaign.

Vance said at the time that the hackers were able to breach his phone using back-end infrastructure originally created to accommodate the Patriot Act and Foreign Intelligence Surveillance Act Section 702, which allows government surveillance of U.S. citizens under certain circumstances.

Major corporations such as Verizon, AT&T, and CenturyLink were among the companies then known to be targeted.

CISA acknowledged at the time that at least eight major telecommunications firms had been breached by the hackers and could access virtually all text and call metadata retained by those companies.

However, in an interview with The Washington Post last week, Leatherman said the problem was much larger than initially understood.

He said federal law enforcement has now identified more than 200 U.S.-based organizations that were breached, as well as foreign organizations in 80 other nations.

Chinese Military Can Track Targets

The scale of the espionage and the sheer diversity of its targets are likely due to the CCP’s decision to allow several of its subsidized hacking groups to select targets without direction from the government, according to a threat analysis published earlier in 2025 by CISA.

To that end, the most recent advisory identifies three China-based companies associated with Beijing’s widespread cyberoperations that “provide cyber-related products and services to China’s intelligence services, including multiple units in the People’s Liberation Army and Ministry of State Security.”

Those companies are Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology, and Sichuan Zhixin Ruijie Network Technology.

Importantly, the data those companies have sought to access have likely empowered the CCP to track the movements and communications of its enemies in real time.

“The data stolen through this activity against foreign telecommunications and internet service providers (ISPs), as well as intrusions in the lodging and transportation sectors, ultimately can provide Chinese intelligence services with the capability to identify and track their targets’ communications and movements around the world,” CISA’s recent advisory states.

The Chinese regime denies that it engages in espionage against Americans.

.

Read More