Viasat Identified as Victim of Chinese Cyber Espionage Group Salt Typhoon

• Viasat is one of the targets compromised in last year’s broad cyber operations attributed to Salt Typhoon.
• The China-affiliated threat actor breached the satellite communications company via one compromised device.
• Viasat asserts that there is no evidence of customer data being affected, but previous reports suggested otherwise.

Viasat Inc., a leading satellite communications company, has been confirmed as one of the targets in the Chinese-affiliated Salt Typhoon 2024 cyber espionage operation, Bloomberg reported earlier this week. 

This revelation stems from a breach uncovered earlier this year, linked to unauthorized access during last year’s U.S. presidential campaign activities. Investigations by Viasat and third-party cybersecurity experts attributed the breach to a compromised device. 

While the company asserts that there is no evidence of customer data being affected, they have stated that the incident has been "remediated" and there have been no signs of additional activity linked to this event. 

This incident is part of a larger campaign attributed to Salt Typhoon, which has previously targeted high-profile entities, including major telecommunications companies like Verizon, AT&T, and Lumen. 

In December, a ninth unnamed telecom company was added to the list of entities in the Salt Typhoon attack, which reportedly accessed and geolocated phone calls, intercepted user data, and monitored millions of individuals. 

Notably, the group also allegedly targeted individuals connected to the political campaigns of prominent U.S. leaders, including Kamala Harris and Donald Trump.

U.S. officials have labeled Salt Typhoon’s activities as a significant national security concern, citing its broad network access and data theft capabilities. 

Despite these allegations, Chinese authorities have consistently dismissed the claims, asserting that they oppose cyberattacks and disinformation campaigns.

The Viasat case underscores the growing threat posed by state-sponsored cyber espionage operations. Industry experts are urging businesses, especially those in infrastructure and communications, to bolster cybersecurity measures and establish advanced detection strategies against such persistent threats.