National Guard was hacked by Chinese ‘Salt Typhoon’ group for nearly a year, DHS memo says
- - - National Guard was hacked by Chinese ‘Salt Typhoon’ group for nearly a year, DHS memo says
Kevin CollierJuly 16, 2025 at 4:06 AM
National Guard soldiers support a federal mission in Southern California on July 10. (Sgt. Chase Murray / U.S. Army)
An elite Chinese cyberspy group hacked at least one state’s National Guard network for nearly a year, the Department of Defense has found.
The hackers, already responsible for one of the most expansive cyberespionage campaigns against the U.S. to date, are alleged to have burrowed even further than previously known, and may have obtained sensitive military or law enforcement information. Authorities are still working to discover the extent of the data accessed.
A Department of Homeland Security memo from June, describing the Pentagon’s findings, said that the group, publicly known by the nickname Salt Typhoon, “extensively compromised a U.S. state’s Army National Guard network” from March 2024 through December 2024. The memo did not specify which state was affected.
The report was provided to NBC News through the national security transparency nonprofit Property of the People, which obtained it through a freedom of information request.
The Department of Defense didn’t respond to a request for comment. A National Guard Bureau spokesperson confirmed the compromise but declined to share details.
“While we cannot provide specific details on the attack or our response to it, we can say this attack has not prevented the National Guard from accomplishing assigned state or federal missions, and that NGB continues to investigate the intrusion to determine its full scope,” the spokesperson said.
A spokesperson for China’s embassy in Washington did not deny the campaign but said the U.S. has failed to prove China is behind the Salt Typhoon hacks.
“Cyberattacks are a common threat faced by all countries, China included,” the spokesperson said, adding that the U.S. “has been unable to produce conclusive and reliable evidence that the ‘Salt Typhoon’ is linked to the Chinese government.”
Salt Typhoon is notorious even by the standards of China’s massive cyberspy efforts because of its ability to jump from one organization to another. Last year, U.S. authorities found that it had hacked at least eight of the country’s largest internet and phone companies, including AT&T and Verizon, using access to spy on the calls and text messages of both the Harris and Trump presidential campaigns, as well as the office of then-Senate Majority Leader Chuck Schumer.
While part of the Department of Defense, National Guard units are also under the authority of their states; some are deeply integrated with local governments or law enforcement, which may have given the Salt Typhoon hackers the ability to compromise other organizations.
The hack “likely provided Beijing with data that could facilitate the hacking of other states’ Army National Guard units, and possibly many of their state-level cybersecurity partners,” the DHS report found. The National Guard in 14 U.S. states work with law enforcement “fusion centers” to share intelligence, the DHS memo notes. The hackers accessed a map of geographic locations in the targeted state, diagrams of how internal networks are set up, and personal information of service members, it said.
In January, the Treasury Department — also a recent target of alleged Chinese hacking — sanctioned a Sichuan company for allegedly helping Beijing’s Ministry of State Security conduct Salt Typhoon operations.
Salt Typhoon can be pernicious and hard to root out once the hackers take hold. In the AT&T case, the company announced in December that it appeared as if they were no longer being affected and Verizon said in January it had “contained” the incident. Both companies stopped short of saying they were fully protected from the hackers returning. A report from Cisco said that, in at least one instance, Salt Typhoon hackers remained in an affected environment for up to three years.
Source: AOL General News
