In a significant escalation of its cybersecurity efforts, the FBI has announced a reward of up to $10 million for information leading to the identification or location of individuals involved in the “Salt Typhoon” cyber-espionage campaign. This sophisticated operation, attributed to actors affiliated with the People’s Republic of China (PRC), has targeted multiple U.S. telecommunications companies, compromising critical infrastructure and sensitive data .
The Scope of the Breach
First publicly disclosed in late 2024, Salt Typhoon’s activities have been characterized by their breadth and indiscriminate targeting. The attackers infiltrated at least nine major U.S. telecom providers, accessing systems responsible for facilitating lawful intercepts—platforms designed to fulfill court-ordered law enforcement requests for call data and communications. This breach enabled the theft of call data logs, unauthorized access to a limited number of private communications, and the copying of select information subject to U.S. legal processes .
Technical Sophistication
Investigations have revealed that Salt Typhoon leveraged advanced persistent threat (APT) tactics to gain and maintain unauthorized access to telecom networks. The attackers exploited vulnerabilities in network infrastructure, including Cisco platforms, and targeted systems that manage lawful intercepts, which are typically subject to stringent security controls. Their ability to bypass these defenses highlights the campaign’s technical sophistication .
Government Response
In response to these intrusions, the FBI and its partners—including the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and allied cyber defense agencies—have issued joint guidance on “Enhanced Visibility and Hardening” for communications infrastructure. This guidance emphasizes the need to remove unnecessary internet-facing assets, monitor critical systems, and continuously validate network architecture to mitigate future threats .
Call for Public Assistance
To incentivize public cooperation, the U.S. Department of State’s Rewards for Justice (RFJ) program is offering up to $10 million for information leading to the identification or location of foreign government-linked individuals engaged in malicious cyber activities against U.S. critical infrastructure, in violation of the Computer Fraud and Abuse Act (CFAA) .
Anyone with relevant information is urged to contact their local FBI field office, file a report via the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov, or submit tips to the RFJ program through secure channels, including Signal (+1-202-702-7843) and a Tor-based tip line .
As the investigation continues, the FBI and its partners remain vigilant, working to strengthen cyber defenses and safeguard the privacy and security of Americans against evolving nation-state threats.
