Viasat Inc., a major satellite and wireless networking company, has been identified as the latest victim of the massive Chinese government-linked cyberattack known as “Salt Typhoon,” joining telecommunications giants Verizon, AT&T, and Lumen Technologies in what security experts describe as one of the most sophisticated state-sponsored surveillance campaigns ever discovered.
The breach, which targeted critical U.S. communications infrastructure, compromised an estimated 100 million records belonging to 1.3 million users and enabled Chinese hackers to access law enforcement surveillance tools while intercepting sensitive political communications during the 2024 presidential campaign.
The California-headquartered satellite communications provider confirmed that unauthorized access was detected through a compromised device earlier this year, prompting an immediate investigation with independent cybersecurity partners.
Viasat’s initial assessment found “no evidence to suggest any impact to customers,” though the company acknowledged that additional details regarding the government’s ongoing investigation remain classified due to their sensitive nature.
The breach represents a significant security concern given Viasat’s critical infrastructure role, providing in-flight internet services for commercial aviation and secure communications support across air, land, and sea operations for governments worldwide.
With approximately 257,000 home internet subscribers and direct competition with SpaceX’s Starlink and EchoStar’s Boost Mobile in cellular services, the company’s network compromise potentially exposed diverse communication channels to foreign surveillance.
Salt Typhoon Campaign Scale
The Salt Typhoon operation, attributed by Microsoft to Chinese state-affiliated actors, demonstrated unprecedented sophistication in targeting U.S. telecommunications infrastructure.
FBI investigations revealed that hackers successfully infiltrated law enforcement surveillance tools, enabling them to monitor persons of interest while collecting massive volumes of call records and compromising communications of government officials and political figures.
The campaign’s scope extended far beyond Viasat, with tens of millions of phone records compromised, including communications from then-presidential candidate Donald Trump and members of both political campaigns during the 2024 election cycle.
FBI Cyber Division head Brett Leatherman characterized these attacks as “deliberate campaigns with geopolitical consequences,” noting that the collected data provides China with enhanced intelligence capabilities when analyzed in aggregate.
Ongoing Investigation
According to Report, Federal authorities have mobilized significant resources to address the Salt Typhoon infiltration, with the FBI coordinating closely with affected companies and international intelligence partners through the Five Eyes alliance.
Despite the discovery of the breach, much of the malicious activity appears to be historical in nature, with threat actors seemingly dormant since public disclosure of the operation.
The Biden administration previously sanctioned a Chinese firm for “direct involvement” in the infiltrations, while Beijing continues to deny allegations of state-sponsored cyber espionage.
However, the investigation faces potential challenges as key cybersecurity leadership positions remain vacant across multiple government agencies, including the National Security Agency, Office of the National Cyber Director, and Cybersecurity Infrastructure Security Agency.
FBI Director Kash Patel has designated countering Chinese Communist Party activities as a top priority, emphasizing the strategic threat posed by coordinated cyber campaigns targeting critical American infrastructure.
The investigation continues with support from international partners, though the full extent of the compromise and long-term implications for national security remain under assessment.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
