Tech Updates

Salt Typhoon Explained — The Chinese Telecom Breach, One Year Later (2026)


Listen Later

In late 2024, Verizon, AT&T, and T-Mobile all admitted the same thing: their lawful-intercept systems — the ones they build for law enforcement — had been compromised by a Chinese state actor called Salt Typhoon. Years of dwell time. Wiretap infrastructure for politicians, including a presidential campaign. Sixteen months later, what have we actually fixed? Plus — why Volt Typhoon is the warning shot nobody's responding to, and why OT networks are still flat.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

📚 WHAT YOU'LL LEARN

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

✅ The Salt / Volt / Flax Typhoon lineup — who they are, what they do

✅ How Salt Typhoon abused CALEA — the FBI's own backdoor

✅ Why Volt Typhoon is military pre-positioning, not espionage

✅ CISA's Feb 2026 lessons-learned report — wins and ugly parts

✅ Why OT networks remain "largely unchanged" from pre-2023 posture

✅ The defensive playbook that ties to Network+ Obj 3.5 (out-of-band mgmt, jump servers)

✅ Why this can't be fixed with a product purchase — it needs policy

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

⏱ CHAPTERS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

0:00 Intro — 3 telecoms, same breach, same actor

0:49 The Typhoon lineup — Salt, Volt, Flax

2:07 CALEA — the 1994 law that became an attack surface

3:42 CISA's 2026 report — wins and ugly parts

5:06 OT is still flat — the uncomfortable truth

6:51 The defensive playbook — segmentation, zero-trust OT, OOB mgmt

8:45 The real lesson — this is policy, not a product

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

🎯 THE MEMORABLE LINES

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

• "The FBI's backdoor is also the PRC's backdoor."

• "Predicted — by everyone. Dismissed — by everyone in government. Here we are."

• "You don't get promoted for the attack that doesn't happen."

• "Volt Typhoon is what happens when nobody replaces the kit."

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

📡 TECH UPDATES · THE PODCAST

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

🔗 techupdates.it-learn.io

Previous → EP19 · AI Is Eating the Grid

Up next → EP21 · Non-Human Identities Are Eating Your Network

#TechUpdates #SaltTyphoon #VoltTyphoon #CALEA #CriticalInfrastructure #OTSecurity #Telecoms #CISA #CyberPolicy #ChinaCybersecurity

...more
View all episodesView all episodes
Download on the App Store

Tech UpdatesBy Andres Sarmiento