The Canadian government and the FBI have confirmed that telecommunications companies across Canada have been targeted in recent cyberattacks linked to the Chinese state-sponsored hacking group known as Salt Typhoon.
In a joint advisory released late Friday, officials revealed that at least one major Canadian telecom provider was breached around mid-February of this year. During the attack, hackers gained control of three Cisco routers, modifying them to quietly intercept and extract data flowing through the telecommunications network.
The advisory highlighted that ongoing investigations suggest Salt Typhoon’s ambitions reach well beyond the telecommunications industry, signaling a potential broader threat landscape for the future.
Operating actively at least since late 2024, Salt Typhoon has a documented history of striking large U.S. telecommunications companies, internet service providers, and more recently, datacenter operators. These attacks fall within a wider espionage campaign aiming to gather confidential intelligence on prominent U.S. government officials.
Security analysts believe that Salt Typhoon is among several Chinese hacking groups likely preparing the technological landscape for a potential military scenario, particularly a theorized invasion of Taiwan that has been anticipated for as soon as 2027.
The Canadian-FBI advisory warned Canadian organizations to expect continuous targeting by these state-backed threat actors for at least the next two years, underscoring the ongoing cybersecurity risk posed by sophisticated cyber-espionage operations.
