Norway just became the latest country to publicly finger China's Salt Typhoon hacking group for breaking into its infrastructure. The Norwegian Police Security Service disclosed Friday that the notorious state-sponsored crew infiltrated several organizations by exploiting vulnerable network devices. The admission puts Norway in growing company alongside the US and Canada, all grappling with what American officials have called an 'epoch-defining threat' to critical infrastructure and telecommunications networks worldwide.
The Norwegian government just confirmed what cybersecurity experts feared - China's Salt Typhoon hacking operation has spread deeper into European infrastructure than previously known. In a national threat assessment published Friday, Norway's Police Security Service revealed that the state-sponsored group successfully breached several organizations inside the country by exploiting vulnerable network devices.
The disclosure is thin on specifics but heavy on implications. Norway didn't name the targeted companies or reveal how long the hackers maintained access, but the admission alone signals a significant escalation in Salt Typhoon's documented reach. The Norwegian embassy in the US hasn't responded to requests for additional details, leaving critical questions about the breach's scope unanswered.
What's clear is that Norway now joins an uncomfortable club. The US and Canada have both confirmed Salt Typhoon intrusions into their telecommunications infrastructure over the past year, with American officials describing the threat as 'epoch-defining.' That's not hyperbole - the FBI disclosed in August 2025 that Salt Typhoon had compromised at least 200 US companies, many of them critical infrastructure operators.
The hacking group's playbook has remained consistent: target telecom providers and network infrastructure companies to establish long-term surveillance capabilities. In the US breaches, Salt Typhoon allegedly intercepted communications of senior politicians, a revelation that sent shockwaves through Washington and to force telecoms to upgrade security standards.
