When U.S. officials began publicly discussing the threat actor known as Salt Typhoon, it was clear this was something beyond mere disorganized attacks. But for compliance leaders, the more important question was how a campaign of this scale could operate for so long within systems that were supposed to be compliant?
At the center of this gap is a concept many organizations believe they have already addressed… namely, rootkits.