Chinese Hackers Breach U.S. National Guard Networks for Nearly a Year

An elite Chinese cyberspy group infiltrated a U.S. state’s Army National Guard network for nearly a year, according to a Department of Homeland Security memo describing Pentagon findings.

The group, known as “Salt Typhoon,” “extensively compromised” the National Guard’s systems from March 2024 through December, potentially accessing sensitive military, law enforcement, and infrastructure data. The DHS memo, detailed at NBC News, warns that the breach could allow hackers to target other states’ Guard units and their cybersecurity partners.

How It Happened

Salt Typhoon is notorious for its ability to jump between organizations and stay hidden for long periods. Investigators found that the group accessed:

• Geographic maps of the state

• Diagrams of internal networks

• Personal information of service members

While officials have not disclosed which state was targeted, the National Guard Bureau confirmed the breach but said it has not disrupted federal or state missions.

A spokesperson for China’s embassy did not deny the campaign outright but said the U.S. has failed to prove Salt Typhoon’s link to Beijing.

Key Takeaways:

• Salt Typhoon has previously targeted major U.S. telecoms and government agencies.

• The group is adept at long-term persistence, with one prior intrusion lasting up to three years.

• DHS warns the hack may enable follow-on attacks against critical infrastructure and state-level partners.

As Salt Typhoon’s operations continue, organizations tied to government and infrastructure are urged to strengthen defenses and review their exposure to persistent advanced threats.

Build apps powered by generative AI with this learning path at Scrimba. In 2025, this is a valuable skillset for startups, agencies, and large corporations.

Related Reading