Salt Typhoon’s activities have previously been described by Ciaran Martin, the first head of NCSC, as “China doing a ‘Snowden’ to America,” by accessing vast amounts of U.S. communications data through a “strategic spying operation of breathtaking audacity.”
The companies — Sichuan Juxinhe Network Technology Co Ltd, Beijing Huanyu Tianqiong Information Technology Co, and Sichuan Zhixin Ruijie Network Technology Co Ltd — were named by Britain alongside 12 other countries’ intelligence agencies, including partners in the Five Eyes intelligence tie-up such as the United States.
The NCSC said malicious cyber activity linked to these companies had “targeted nationally significant organizations around the world” since 2021. Targets included government, telecommunications, transportation and military infrastructure. The British spy agency added that a “cluster of activity” had been observed in the U.K.
Britain and its allies alleged on Wednesday that these companies “provide cyber-related products and services to China’s intelligence services, including multiple units in the People’s Liberation Army and Ministry of State Security.”
They added that the data stolen through telecommunications, internet and transportation services can help Chinese intelligence track targets’ communications and movements around the world.
In 2024, the U.S. was hit by one of the worst cyberattacks in its history after China was able to get access to mobile data related to millions of Americans by burrowing inside major U.S. providers including Verizon, AT&T and Lumen. The New York Times reported ahead of the 2024 election that this included data from phones used by now-President Donald Trump and his Vice President JD Vance.
Richard Horne, the NCSC’s chief executive, said in a statement that his agency was “deeply concerned by the irresponsible behavior” of the companies named, who had “enabled an unrestrained campaign of malicious cyber activities on a global scale.”
Earlier this month Dan Jarvis, the U.K. government’s security minister, told POLITICO that hackers and hostile states could face repercussions including retaliatory cyber attacks for targeting British institutions.
