The Army National Guard suffered a significant breach in which a Chinese cyberespionage group nicknamed 'Salt Typhoon' extensively compromised its network. The hackers exfiltrated maps, data traffic, network configuration, and administrator credentials. The breach spanned from March to December 2024 and affected networks in every US state and at least four US territories. The incident has raised concerns about the vulnerability of critical infrastructure and the potential for future cyber-attacks.
TPRM report: https://www.rankiteo.com/company/army-national-guard
"id": "arm603071825",
"linkid": "army-national-guard",
"type": "Breach",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Defense',
                        'location': 'Unnamed US State',
                        'name': 'US Army National Guard',
                        'type': 'Government'}],
 'attack_vector': 'Network Compromise',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'type_of_data_compromised': ['Maps',
                                              'Data Traffic',
                                              'Network Configuration',
                                              'Network Diagrams',
                                              'Administrator Credentials',
                                              'PII of Service Members']},
 'description': "A US state's Army National Guard network suffered a breach by "
                'the group Salt Typhoon. Maps and data were stolen between '
                'March and December 2024.',
 'impact': {'data_compromised': ['Maps',
                                 'Data Traffic',
                                 'Network Configuration',
                                 'Network Diagrams',
                                 'Administrator Credentials',
                                 'PII of Service Members'],
            'systems_affected': ['US state Army National Guard network',
                                 "Counterparts' networks in every other US "
                                 'state and at least four US territories']},
 'initial_access_broker': {'high_value_targets': ['US state Army National '
                                                  'Guard network']},
 'motivation': 'Intelligence Gathering, Critical Infrastructure Sabotage',
 'references': [{'source': 'NBC News'}, {'source': 'Property of the People'}],
 'threat_actor': 'Salt Typhoon',
 'title': 'Cyber Espionage Breach of US Army National Guard Network',
 'type': 'Cyber Espionage'}